Financial services sector is now the number one target for DDoS
attacks
RESTON,
Va. and CAMBRIDGE,
Mass., March 6, 2024 /PRNewswire/ -- FS-ISAC, the
member-driven, not-for-profit organization that advances
cybersecurity and resilience in the global financial system, and
Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that
powers and protects life online, today released new research on the
surge of distributed denial-of-service (DDoS) attacks threatening
the financial services sector and its customers.
The report, DDoS: Here to Stay, revealed that more than
one-third (35%) of all DDoS attacks in 2023 were aimed at the
financial services industry, which has surpassed the gaming sector
as the most-attacked vertical. Driven by a dramatic surge in the
power of botnets and hacktivism motivated by the Russia-Ukraine
War, the financial services industry experienced a 154% increase in
DDoS attacks between 2022 to 2023.
The report details several of the major incursions of 2023,
including the largest DDoS attacks ever launched against Akamai's
customers in the United States,
Europe, and the Asia-Pacific (APAC) region. Notably, Akamai
successfully mitigated a record-breaking attack in APAC by
employing a combination of more than 225 frontline responders, a
dedicated defense capacity platform, and optimized DDoS incident
response plans. Although attack traffic peaked at 900.1 Gbps and
158.2 Mpps, no collateral damage was reported.
Moreover, the report explains how nation-states, ransomware
attackers, criminal groups, and hacktivists have all leveraged DDoS
as a part of point attacks or campaigns, often using low-cost
DDoS-for-hire services that are available on underground markets.
It also examines how organizations can mitigate the impacts of
these attacks through thoughtful cyber hygiene policies, including
regularly assessing their networks, applications, and security
measures.
Other major findings of the report include:
- DDoS attacks are quickly becoming one of the most prevalent
types of cyberthreats, experiencing rapid growth in both number and
volume over the past year, with significant jumps in the number of
attacks during the second and third quarters of 2023.
- Larger firms and banks with strong brand recognition are more
likely to be targeted, as attackers aim to create the appearance of
widespread disruption and disinformation. However, they are also
the most likely enterprises to have strong mitigations in
place.
- Hacktivists and DDoS attacks can disrupt business operations,
leading to a loss of credibility, customer trust, and financial
damage. Moreover, DDoS attacks may serve as a smoke screen for
other malicious activities, such as data theft or cyber
espionage.
- In the Europe, Middle East, and Africa (EMEA) region, the financial services
sector accounted for 66% of all DDoS attacks, compared with 28% in
North America. In APAC, financial
services ranked as the third-most attacked sector, representing 11%
of DDoS attacks.
- The concentration of DDoS attacks in the EMEA region highlights
the use of DDoS as a tool for political motives, hacktivism, and
cyber warfare, specifically in relation to the Russia-Ukraine
War.
"While DDoS is an age-old problem, there is a renewed focus
driven by heightened geopolitical tensions as nation-states and
hacktivists seek to disrupt operations and break trust in the
global financial system," said Teresa
Walsh, Chief Intelligence Officer and Managing Director,
EMEA, at FS-ISAC. "These DDoS campaigns are becoming more
persistent and increasingly multi-vector as they target all areas
of the financial sector, including wealth management, banking,
credit cards, digital payments, and insurance."
"DDoS attackers use a variety of techniques to annoy, harass,
and extort companies," said Steve
Winterfeld, Advisory CISO at Akamai. "These attacks cost
little to launch and can do serious damage to a company's brand.
DDoS: Here to Stay explains why the financial sector will continue
to see attacks from a variety of threat actors and demonstrates why
organizations must prioritize robust cyber hygiene, optimize cyber
defenses, and ensure compliance with evolving
regulations."
The collaboration on this report is a product of Akamai's
foundational participation in FS-ISAC's Critical Providers
Program, which was launched in 2022 to bolster the financial
sector's supply chain security.
Download the report here
About FS-ISAC
FS-ISAC is the member-driven, not-for-profit organization
that advances cybersecurity and resilience in the global financial
system, protecting the financial institutions and the people they
serve. Founded in 1999, the organization's real-time
information-sharing network amplifies the intelligence, knowledge,
and practices of its members for the financial sector's collective
security and defenses. Member financial firms represent
$100 trillion in assets in 75
countries.
About Akamai
Akamai powers and protects life online. Leading companies
worldwide choose Akamai to build, deliver, and secure their digital
experiences — helping billions of people live, work, and play every
day. Akamai Connected Cloud, a massively distributed edge and cloud
platform, puts apps and experiences closer to users and keeps
threats farther away. Learn more about Akamai's cloud computing,
security, and content delivery solutions at
akamai.com and akamai.com/blog, or follow Akamai
Technologies on X, formerly known as
Twitter, and LinkedIn.
CONTACT: Akamai PR, akamaiPR@akamai.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/ddos-attacks-on-financial-services-industry-up-154-according-to-new-fs-isacakamai-report-302080962.html
SOURCE Akamai Technologies, Inc.