New Akamai State of the Internet Report Reveals APAC Received Highest Median Threat Score for Phishing Attacks Against Financial Institutions
Akamai Technologies, Inc., the cloud company that powers and protects life online, has revealed in a new State of the Internet (SOTI) report titled: Navigating the Rising Tide: Attack Trends in Financial Services, that the financial services sector remains the world’s most frequently targeted industry for Layer 3 and 4 distributed denial-of-service (DDoS) attacks for the second consecutive year. According to the report, financial services account for 34% of DDoS attacks, followed by gaming at 18% and high technology at 15%.
Financial institutions manage vast amounts of sensitive data and high-value transactions, making them attractive targets for DDoS attackers because of the high stakes involved. Layer 3 and Layer 4 DDoS attacks target network and transport layers, overwhelming network infrastructure and exhausting server resources and bandwidth. A successful DDoS attack on a financial institution can be severe, affecting customer trust, causing downtime, and leading to regulatory penalties. As a result, attackers often target these institutions to maximise the potential damage and leverage the high-stakes environment.
Navigating the Rising Tide: Attack Trends in Financial Services reveals that the increased DDoS events stem from ongoing geopolitical tensions, which have fueled a surge in hacktivist activities. The report details the involvement of well-known threat actors such as REvil, BlackCat (ALPHV), Anonymous Sudan, KillNet and NoName057 – all notable for their activities related to the Russia-Ukraine war. In addition, it explains how massive cyberattacks against global financial institutions have been launched in the wake of the Israel-Hamas conflict.
Akamai Findings
Other main findings of the report include:
- Financial services is the sector most impacted by brand impersonation and abuse (36%), based on the number of suspicious sites monitored by Akamai. This is far ahead of the second most targeted vertical – commerce (26%).
- Phishing dominates the counterfeit domains that are targeting financial services, accounting for 68% of all recorded instances. Brand impersonation follows in second place, representing 24% of all recorded domains.
- Akamai observed sharp increases in the number of Layer 7 DDoS attacks that specifically target applications via APIs. A major concern is undocumented shadow APIs, which are often unprotected because information security teams are unaware of their existence. Attackers can exploit these APIs to exfiltrate data, bypass authentication controls, or perform disruptive acts.
- DDoS event frequency doesn’t always correlate with attack intensity. While some months show few attacks, the corresponding data indicates significant traffic spikes, emphasising the need to consider both attack frequency and volume when assessing DDoS attacks.
“Cybercrime poses a significant threat to the financial services sector as it causes widespread disruption and serious economic damage,” said Steve Winterfeld, Advisory CISO, Akamai. “This report is designed specifically to help financial services cybersecurity professionals around the globe understand the increasingly complex threat landscape and best practices to protect customers.”
High Digital Adoption Makes APJ’s Financial Sector More Vulnerable to Cyber Attacks
The APJ region faces unique cybersecurity challenges due to its fragmented landscape, where developed and developing countries with strong gross domestic product (GDP) make it a prime target for attacks. The report revealed that APJ received the highest median threat score out of all regions for phishing, specifically around the number of suspicious domains and requests. The rapid digitalisation in banking, combined with low awareness of phishing dangers, puts consumers at a higher risk of attacks despite this region having fewer phishing or brand impersonation domains compared to other parts of the world. This indicates that consumers in the region are at a higher risk of having their banking information and other sensitive data stolen when visiting websites.
While the financial services sector in APJ is rapidly adopting digital and emerging technologies, its cybersecurity measures lag behind Europe and America. The region’s financial services face rising brand abuse risks due to two key factors: high digitisation and active social media use. With almost all services available online, APJ’s strong internet adoption makes it a prime target for cybercriminals. Additionally, financial organisations’ increased engagement on social media, in some of the most active markets globally, opens more avenues for phishing and impersonation attacks, exploiting users’ trust in these platforms.
“Financial institutions in APJ face a trifecta of challenges in today’s landscape such as safeguarding assets and data, ensuring compliance, and staying ahead of innovation to educate customers on the latest phishing and scam tactics. Traditional security mechanisms often fall short in detecting sophisticated threats like ransomware and API abuse, underscoring the need for modern AI-powered security technologies to better protect the organisation, meet new regulatory standards and protect customer trust,” said Reuben Koh, Director of Security Technology & Strategy, APJ, Akamai Technologies.
“With Financial services continuing to be the most targeted industry in APJ for web application and API cyberattacks, technology decision-makers like Chief Information Security Officers must carefully decide where to automate, delegate, and outsource, ensuring scalable security solutions that not only defend assets but also preserve customer loyalty in an increasingly digital world.”
Navigating the Rising Tide: Attack Trends in Financial Services also features a guest column from FS-ISAC, a case study on credential stuffing attacks, a security spotlight on DDoS attack intensity, regional data, sections on Zero Trust and micro-segmentation, and mitigation strategies for defending against DDoS attacks.
This year marks the 10th anniversary of Akamai’s State of the Internet (SOTI) reports. The SOTI series provides expert insights on the cybersecurity and web performance landscapes, based on data gathered from Akamai Connected Cloud.