DDoS attacks on the financial sector, especially in Asia-Pacific, are rising sharply. Banks are the primary targets, with attacks increasing by 154% from 2022 to 2023. Hacktivism and cheap, powerful botnets drive these attacks, posing significant risks to system stability and trust.
The escalating menace of Distributed Denial-of-Service (DDoS) attacks has put the financial sector squarely in the crosshairs of cybercriminals.
Highlighted in the FS-ISAC and Akamai Technologies' report "DDoS: Here to Stay," this worrying trend shows no sign of abating, particularly in the Asia-Pacific region where the financial industry is now the third most targeted for cyberattacks, trailing only behind commerce and gaming.
This designation underscores the broad and increasing risk of cyber threats faced by the sector.
A notable uptick in such cyberattacks, chiefly orchestrated by hacktivists and targeting entities in geopolitically sensitive areas, aims to disrupt the essential online services of these institutions.
The reliance on uninterrupted online presence makes these disruptions more than just inconvenient; they pose a significant threat to the stability and trust in financial systems.
Teresa Walsh, the global head of intelligence at the Financial Services Information Sharing and Analysis Center, underscores the gravity of these threats, noting,
"Even just being offline for a minute can cause huge reputational risks."
This statement highlights the high stakes involved in maintaining continuous online service availability.
In a closer look at the Asia-Pacific region, the report reveals that 11% of DDoS attacks were directed at financial services, with banks suffering the majority of these attacks (91%), a figure that significantly outstrips the global average.
From 2022 to 2023, there was a stark 154% rise in DDoS attacks against the sector, with financial services accounting for 35% of all such attacks globally, thereby eclipsing the gaming industry as the most frequently targeted.
This increase in attacks is linked to the proliferation of more powerful botnets and a surge in hacktivism, often propelled by geopolitical strife.
The report stresses the critical need for robust cybersecurity measures to counteract these threats, particularly those launched via cost-effective DDoS-for-hire services found on the dark web.
Moreover, the report documents a notable rise in both the frequency and intensity of DDoS attacks over 2023, with high-profile banking institutions and those with significant brand recognition being particularly vulnerable.
Despite likely having more sophisticated defence mechanisms, the potential for operational disruption, eroding customer trust, and financial losses remains a significant concern.
Experts from FS-ISAC and Akamai provide insights into the shifting dynamics of DDoS threats.
The document highlights some of the most noteworthy security incidents of 2023, including the largest DDoS attacks that Akamai has encountered across the U.S., Europe, and the APAC region. In a standout moment, Akamai successfully neutralised an unprecedented attack in the APAC area, leveraging the expertise of over 225 front-line responders, a targeted defence capability platform, and advanced DDoS mitigation tactics.
Despite the attack's intensity, peaking at 900.1 Gbps and 158.2 Mbps, it resulted in no collateral damage.
In alignment with Akamai's latest State of the Internet (SOTI) reports for the financial services and commerce sectors, the financial industry continues to be the most targeted sector for web application and API attacks in the APJ region, with commerce following closely behind.
Since the June 2023 analysis, the financial sector has seen attacks surge to over 4.5 billion—a significant rise from 3.7 billion, marking an 18% increase.
Furthermore, since our March 2023 assessment, the commerce sector has witnessed attacks escalate from 1.2 billion to 1.9 billion, indicating a substantial 58% increase. The distribution of attacks within sub-verticals has stayed fairly stable (Figure 1).
Steve Winterfeld, Advisory CISO at Akamai, further explains,
"DDoS attackers use a variety of techniques to annoy, harass, and extort companies. These attacks cost little to launch and can do serious damage to a company’s brand."
This collaborative effort highlights the urgent need for the financial sector to prioritise cybersecurity, enhance defences, and comply with evolving regulations to fend off the persistent threat posed by DDoS attacks.
Elon Musk’s X AI platform has been hit by a massive cyber-attack, leaving users in the U.S. and UK unable to refresh feeds or access accounts. Musk confirmed the attack’s severity, pointing to IP traces from “the Ukraine area,” though experts caution that origin masking is possible.
Late last week, an extraordinary announcement signaled a dramatic shift in U.S. cybersecurity policy: the Trump administration deprioritized Russia as a leading cyber threat. Experts fear downplaying Moscow’s aggression could expose American networks to new risks and undermine national security.
Since early 2022, the British government has tied Iran to over 20 plots threatening UK citizens, reflecting Tehran’s expanding covert tactics. These attempts—spanning assassination, kidnapping, and surveillance—mark a significant escalation on British soil.
A new report by Australian researcher Lina Lau links the NSA to a cyberattack on China’s Northwestern Polytechnical University. Allegedly, NSA hackers used U.S. work schedules and American keyboards, exposing their operations.
