Surge In DDoS Attacks On Financial Services

Uploaded on 2024-10-11 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The cloud company that powers much of the Interent, Akamai Technologies, has released a new report that shows financial services remains the most frequently targeted industry by Layers 3 and 4 distributed denial-of-service (DDoS) attacks for the second consecutive year.  

Navigating the Rising Tide: Attack Trends in Financial Services finds that financial services account for 34% of DDoS attacks. This is followed by gaming at 18% and high technology at 15%.

Layer 3 and Layer 4 DDoS attacks target network and transport layers, overwhelming network infrastructure and exhausting server resources and bandwidth. The Report reveals that the increased DDoS events stem from ongoing geopolitical tensions, which are behind a surge in hacktivist activities.

This includes one of the biggest cyber attacks Akamai has ever observed against a major financial services company in Israel.

Akamai's report details the involvement of well-known threat actors such as REvil, BlackCat, Anonymous Sudan, KillNet, and NoName057, all notable for their activities related to the Russia-Ukraine war.

Other Main Findings of the Report Include:

  • Financial services is the sector most impacted by brand impersonation and abuse (36%). This is far ahead of the second most targeted vertical, commerce (26%).
  • Phishing dominates the counterfeit domains that are targeting financial services, accounting for 68% of all recorded instances. Brand impersonation follows in second place, representing 24% of all recorded domains.
  • Akamai observed sharp increases in the number of Layer 7 DDoS attacks that specifically target APIs. Of particular concern are undocumented shadow APIs, which are often unprotected because information security teams are unaware of their existence. Attackers can exploit these APIs to exfiltrate data, bypass authentication controls, or perform disruptive acts.
  • DDoS event frequency doesn't always correlate with attack intensity. Although some months show few attacks, the corresponding data indicates significant traffic spikes, emphasising the need to consider both attack frequency and volume when assessing DDoS attacks.

In comment, Steve Winterfeld, Advisory CISO at Akamai said “Cyber crime poses a significant threat to the financial services sector as it tries to cause widespread disruption and serious economic damage... This report is designed specifically to help financial services cybersecurity professionals around the globe understand the increasingly complex threat landscape and best practices to protect customers.”

The report  also features a case study on credential stuffing attacks; a security spotlight on DDoS attack intensity; regional data; sections on Zero Trust and microsegmentation; and mitigation strategies for defending against DDoS attacks, phishing, brand abuse, and ransomware.

Akamai     |     PR Newswire

Image: 

You Might Also Read: 

DDoS Attack Knocks Azure Offline:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Improving Cyber Security With AI
Advances In Recognising Deepfakes »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

ngCERT

ngCERT

ngCERT is the National Computer Emergency Response Team for Nigeria.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

Isovalent

Isovalent

Isovalent deliver the most advanced Kubernetes networking & security capabilities to the most demanding of enterprise users.

Regulativ.ai

Regulativ.ai

Regulativ.ai is an innovative and comprehensive platform, driven by AI, to address the regulatory and compliance needs of Cyber Security Regulatory compliance and reporting.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

Framework Security

Framework Security

With Framework Security, you get more than a consultancy; you get a partner dedicated to simplifying cybersecurity and protecting your business in the most efficient way possible.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Digital.ai

Digital.ai

Digital.ai empowers organizations to scale software development teams, continuously deliver software with greater quality and security.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.