Threat Detection & DefenseCyber Crime & ForensicPress Release

New Akamai Study: APAC Banks Most Targeted Globally for Financial Cyberattacks

APAC Faced 52% of Global Application-Layer DDoS Attacks Against Financial Services in 2025

Asia Pacific’s (APAC) financial institutions are facing a growing share of global cyberattacks as digital banking, real-time payments and API-led services expand the region’s attack surface faster than many organisations can secure it. According to Akamai’s latest AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services State of the Internet Security report, APAC accounted for 52% of all global Layer 7 distributed denial-of-service (DDoS) attacks against financial services in 2025, making it the most targeted region for application-layer attacks for the fourth consecutive year—signalling an urgent need for organizations to move faster to secure expanding digital environments.

DDoS attacks are designed to overwhelm online banking portals, payment APIs and customer-facing applications with traffic that appears legitimate, making them far harder to detect and block than conventional network floods. Within APAC, banking and fintech were hit hardest, accounting for 44% and 38% of Layer 7 DDoS attacks respectively, while banking alone made up 92% of lower-level network attacks in the region.

Akamai Uncovers Volume, Velocity, and Complexity

The issue is not just the volume of attacks, but the complexity of the environment they are targeting. National real-time payment systems, mobile banking platforms, FinTech ecosystems and customer-facing services have increased the number of endpoints banks and fintechs need to protect, while competitive pressure and AI-assisted coding tools are accelerating how quickly new services enter production.

Yet many organisations do not have a full view of the APIs they depend on. While 77% of financial services IT and security leaders in APAC believe they have a complete picture of their API estate, only 27% know which APIs return sensitive data. Globally, 96% of financial services organisations reported at least one API security incident in the past 12 months, the highest rate of any industry. This creates a growing blind spot at a time when malicious activity is becoming harder to distinguish from legitimate traffic. Akamai observed a 147% surge in advanced bot activity in late 2025, with AI-powered botnets increasingly capable of mimicking browser behavior and bypassing conventional defences.

“APAC’s banks and fintechs sit at the centre of one of the world’s fastest-moving digital financial environments. Every new payment service, mobile banking feature, FinTech integration and AI-enabled workflow creates another dependency for attackers to probe,” said Reuben Koh, Director of Security Technology and Strategy, APJ, at Akamai. “Many banks are also securing new digital services on top of legacy systems that may be difficult to patch or integrate securely. If an institution does not know which APIs exist, which ones expose sensitive data, or how they are supposed to behave, it is already operating with an elevated level of risk.”

For financial institutions, the takeaway is clear: security must evolve from a compliance function into an operational resilience priority. This includes strengthening defences against application-layer DDoS, network floods and API exploitation; investing in API security tools that can identify sensitive data exposure and abnormal behavior; and adopting AI-powered defences that can respond at machine speed.

The Akamai report also found that organisations using microsegmentation—isolating critical applications to limit how far attackers can move once inside—responded to incidents 33% faster, giving them a material advantage in an environment where every minute of disruption can carry reputational, regulatory and financial consequences.

Now in their 12th year, Akamai’s State of the Internet Security reports draw on attack data observed across Akamai’s cybersecurity protective infrastructure, which handles a significant portion of global web traffic.

Read the full Akamai report here.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *