Akamai Finds Geopolitical Tensions Driving Surge in DDoS Attacks on Financial Institutions
Akamai Technologies' latest State of the Internet (SOTI) report reveals that financial services remains the most targeted industry for DDoS attacks, accounting for 34% of such incidents. The surge in attacks is attributed to geopolitical tensions and increased hacktivist activities. Key findings include:
1. Financial services is most impacted by brand impersonation (36%) and phishing (68% of counterfeit domains).
2. Sharp increases in Layer 7 DDoS attacks targeting APIs, particularly undocumented shadow APIs.
3. DDoS event frequency doesn't always correlate with attack intensity.
4. Well-known threat actors like REvil, BlackCat, and Anonymous Sudan are involved in these attacks.
The report aims to help financial services cybersecurity professionals understand the complex threat landscape and implement best practices to protect customers.
L'ultimo rapporto State of the Internet (SOTI) di Akamai Technologies rivela che i servizi finanziari rimangono l'industria più presa di mira per gli attacchi DDoS, rappresentando il 34% di tali incidenti. L'aumento degli attacchi è attribuito a tensioni geopolitiche e a un'intensificazione delle attività hacktiviste. I principali risultati includono:
1. I servizi finanziari sono maggiormente colpiti da frode d'identità (36%) e phishing (68% dei domini falsi).
2. Aumenti significativi negli attacchi DDoS di livello 7 mirati alle API, in particolare alle API shadow non documentate.
3. La frequenza degli eventi DDoS non sempre si correla con l'intensità degli attacchi.
4. Attori della minaccia noti come REvil, BlackCat e Anonymous Sudan sono coinvolti in questi attacchi.
Il rapporto mira ad aiutare i professionisti della cybersecurity nei servizi finanziari a comprendere il complesso panorama delle minacce e implementare le migliori pratiche per proteggere i clienti.
servicios financieros siguen siendo la industria más atacada por ataques DDoS, representando el 34% de tales incidentes. El aumento de los ataques se atribuye a tensiones geopolíticas y al incremento de actividades hacktivistas. Los hallazgos clave incluyen:
1. Los servicios financieros son los más afectados por suplantación de identidad (36%) y phishing (68% de dominios falsificados).
2. Aumentos bruscos en los ataques DDoS de capa 7 dirigidos a API, en particular a las API shadow no documentadas.
3. La frecuencia de eventos DDoS no siempre se correlaciona con la intensidad del ataque.
4. Actores de amenazas conocidos como REvil, BlackCat y Anonymous Sudan están involucrados en estos ataques.
El informe tiene como objetivo ayudar a los profesionales de ciberseguridad en los servicios financieros a comprender el complejo panorama de amenazas e implementar las mejores prácticas para proteger a los clientes.
아카마이 테크놀로지의 최신 인터넷 상태(State of the Internet, SOTI) 보고서에 따르면 금융 서비스 산업이 DDoS 공격의 가장 주요한 표적이며, 이러한 사건의 34%를 차지하고 있습니다. 공격 증가의 원인은 지정학적 긴장과 해크티비스트 활동의 증가로 분석됩니다. 주요 발견 사항은 다음과 같습니다:
1. 금융 서비스는 브랜드 사칭 (36%) 및 피싱 (위조 도메인의 68%)에 가장 큰 영향을 받습니다.
2. 문서화되지 않은 언더그라운드 API를 겨냥한 7계층 DDoS 공격이 급증하고 있습니다.
3. DDoS 사건의 빈도는 항상 공격 강도와 상관관계가 없습니다.
4. REvil, BlackCat, Anonymous Sudan과 같은 잘 알려진 위협 행위자들이 이러한 공격에 연루되어 있습니다.
본 보고서는 금융 서비스 사이버 보안 전문가들이 복잡한 위협 경관을 이해하고 고객을 보호하기 위한 모범 사례를 구현하는 데 도움을 주기 위해 작성되었습니다.
Le dernier rapport State of the Internet (SOTI) d'Akamai Technologies révèle que les services financiers restent l'industrie la plus ciblée par les attaques DDoS, représentant 34 % de ces incidents. L'augmentation des attaques est attribuée à des tensions géopolitiques et une intensification des activités hacktivistes. Les principales conclusions comprennent :
1. Les services financiers sont les plus touchés par la usurpation d'identité (36 %) et le phishing (68 % des domaines contrefaits).
2. Des augmentations marquées des attaques DDoS de couche 7 ciblant des API, en particulier des API « shadow » non documentées.
3. La fréquence des événements DDoS ne correspond pas toujours à l'intensité de l'attaque.
4. Des acteurs de menace bien connus comme REvil, BlackCat et Anonymous Sudan sont impliqués dans ces attaques.
Le rapport vise à aider les professionnels de la cybersécurité des services financiers à comprendre le paysage complexe des menaces et à mettre en œuvre les meilleures pratiques pour protéger les clients.
Der neueste Bericht über den Stand des Internets (SOTI) von Akamai Technologies zeigt, dass Finanzdienstleistungen die am häufigsten angegriffene Branche für DDoS-Angriffe bleibt, was 34 % dieser Vorfälle ausmacht. Der Anstieg der Angriffe wird auf geopolitische Spannungen und eine Zunahme von hacktivistischen Aktivitäten zurückgeführt. Wichtige Ergebnisse sind:
1. Finanzdienstleistungen sind am stärksten von Markenimitierung (36 %) und Phishing (68 % der gefälschten Domains) betroffen.
2. Deutliche Zunahmen bei DDoS-Angriffen der Schicht 7, die gezielt auf APIs, insbesondere nicht dokumentierte Schatten-APIs, abzielen.
3. Die Häufigkeit von DDoS-Ereignissen korreliert nicht immer mit der Intensität der Angriffe.
4. Bekannte Bedrohungsakteure wie REvil, BlackCat und Anonymous Sudan sind an diesen Angriffen beteiligt.
Der Bericht soll Fachleuten für Cybersicherheit im Finanzdienstleistungssektor dabei helfen, die komplexe Bedrohungslandschaft zu verstehen und bewährte Praktiken zum Schutz von Kunden zu implementieren.
- Akamai's expertise in identifying and analyzing cybersecurity threats
- Comprehensive report providing valuable insights for financial services cybersecurity professionals
- Identification of specific threat actors and attack patterns, enabling better defensive strategies
- Increased cybersecurity risks for Akamai's financial services clients
- Potential for reputational damage if Akamai's protective measures are perceived as inadequate
- Rising complexity of cyber threats may require increased investment in security solutions
The surge in DDoS attacks on financial institutions, driven by geopolitical tensions, presents a significant challenge for the sector. With
Of particular concern is the rise in Layer 7 DDoS attacks targeting APIs, especially undocumented shadow APIs. This trend highlights the need for financial institutions to conduct thorough API inventories and implement robust API security measures. The disparity between attack frequency and intensity also emphasizes the importance of comprehensive DDoS mitigation strategies that can handle both high-volume and low-volume, high-frequency attacks.
The financial services sector faces a multi-faceted cyber threat landscape, with DDoS attacks being just one aspect. The report's findings on brand impersonation and phishing (
Financial institutions must prioritize investments in advanced threat detection systems, customer education programs and robust authentication mechanisms. The potential economic impact of these cyber threats underscores the need for a holistic cybersecurity approach that goes beyond technical defenses to include risk management strategies and incident response planning.
Akamai's report highlights the critical role of cloud security providers in defending against evolving cyber threats. The company's ability to detect and mitigate large-scale DDoS attacks, such as the one against an Israeli financial company, demonstrates the value of cloud-based security solutions in today's threat landscape.
The emphasis on Zero Trust and microsegmentation in the report points to a shift in security paradigms. Financial institutions should consider adopting these approaches to enhance their security posture. Additionally, the rise in API-targeted attacks underscores the need for API-specific security measures and continuous monitoring of API traffic patterns. As the threat landscape evolves, financial institutions must stay agile and leverage cutting-edge technologies to maintain robust cybersecurity defenses.
Financial services is also most at risk for phishing and brand impersonation
Layer 3 and Layer 4 DDoS attacks target network and transport layers, overwhelming network infrastructure and exhausting server resources and bandwidth. The report reveals that the increased DDoS events stem from ongoing geopolitical tensions, which have fueled a surge in hacktivist activities. This includes one of the largest cyberattacks Akamai has ever observed against a major financial services company in
Navigating the Rising Tide: Attack Trends in Financial Services also details the involvement of well-known threat actors such as REvil, BlackCat (ALPHV), Anonymous Sudan, KillNet, and NoName057 — all notable for their activities related to the
Other main findings of the report include:
- Financial services is the sector most impacted by brand impersonation and abuse (
36% ). This is far ahead of the second most targeted vertical — commerce (26% ). - Phishing dominates the counterfeit domains that are targeting financial services, accounting for
68% of all recorded instances. Brand impersonation follows in second place, representing24% of all recorded domains. - Akamai observed sharp increases in the number of Layer 7 DDoS attacks that specifically target APIs. Of particular concern are undocumented shadow APIs, which are often unprotected because information security teams are unaware of their existence. Attackers can exploit these APIs to exfiltrate data, bypass authentication controls, or perform disruptive acts.
- DDoS event frequency doesn't always correlate with attack intensity. Although some months show few attacks, the corresponding data indicates significant traffic spikes, emphasizing the need to consider both attack frequency and volume when assessing DDoS attacks.
"Cybercrime poses a significant threat to the financial services sector as it tries to cause widespread disruption and serious economic damage," said Steve Winterfeld, Advisory CISO at Akamai. "This report is designed specifically to help financial services cybersecurity professionals around the globe understand the increasingly complex threat landscape and best practices to protect customers."
Navigating the Rising Tide: Attack Trends in Financial Services also features a guest column from the Global Head of Intelligence at FS-ISAC; a case study on credential stuffing attacks; a security spotlight on DDoS attack intensity; regional data; sections on Zero Trust and microsegmentation; and mitigation strategies for defending against DDoS attacks, phishing, brand abuse, and ransomware.
This year marks the 10th anniversary of Akamai's SOTI reports. The SOTI series provides expert insights on the cybersecurity and web performance landscapes, based on data gathered
About Akamai Security
Akamai Security protects the applications that drive your business at every point of interaction, without compromising performance or customer experience. By leveraging the scale of our global platform and its visibility to threats, we partner with you to prevent, detect, and mitigate threats, so you can build brand trust and deliver on your vision. Learn more about Akamai's cloud computing, security, and content delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on X, formerly known as Twitter, and LinkedIn.
Contact
Jim Lubinskas
Akamai Media Relations
703.907.9103
jlubinsk@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/akamai-finds-geopolitical-tensions-driving-surge-in-ddos-attacks-on-financial-institutions-302249882.html
SOURCE Akamai Technologies, Inc.
FAQ
What percentage of DDoS attacks target the financial services industry according to Akamai's report?
How has geopolitical tension affected DDoS attacks on financial institutions, as per Akamai's SOTI report?
What percentage of counterfeit domains targeting financial services are related to phishing, according to Akamai (AKAM)?
Which industry is most impacted by brand impersonation according to Akamai's 2024 report?
