Attacks on web applications and APIs are increasing at an alarming rate, while increasing in complexity. In addition, the target of 80% of cyber attackers targeting financial services customers in an attempt to find least resistant avenues for financial gain. This is stated in the Akamai Technologies “Enemy at the Gates” report, where The State of the Internet is presented, revealing the increasing risk to the financial services industry and a shift to more sophisticated techniques. “The financial services industry is one of the most attacked when new vulnerabilities are discovered, one of the targets favorites of DDoS attacks and that it is continually targeted by phishing campaigns, targeting its customers, who suffer the consequences of these attacks,” says Steve Winterfeld, CIO, Akamai Consultant.
Attacks on web applications and APIs
“Enemy at the Gates” shows that financial services are among the most attacked sectors in several key areas: web application and API attacks, DDoS, phishing, exploiting zero-day vulnerabilities, and botnet activities. Most worrisome is the staggering increase in attacks on web applications and APIs, a 257% growth in the number of attacks against financial services over the previous year.The report includes the following data:In 24 hours, the exploitation of zero-day vulnerabilities Newly discovered attacks against financial services reach several thousand attacks per hour and peak quickly, leaving little time to patch and react DDoS attacks against financial services are up 22% from the previous year
Financial Services: Akamai Study Shows Cyberattacks on Web Applications and APIs Have Grown 257% Since Last Year
A significant increase in local file inclusion (LFI) and site script filter (XSS) attacks demonstrates how attacker intents are shifting towards remote code execution, putting increasing pressure on the internal network securityPhishing campaigns against financial services customers are introducing techniques that circumvent two-factor authentication solutions and increase risk for regular customersAttempts to hijack customer accounts account for more than 40% of types of attacks attack, while another 40% is from website scraping, which is used to create more convincing phishing scams.
He has also analyzed the regional trends that most affect financial services: Attacks on web applications and APIs in the Asia-Pacific region and Japan increased by 449% DDoS attacks against financial services in Europe have increased by 73% in 2022Digitization and limited control of cybercrime could be two factors contributing to the increase in cybercriminal activities in Latin America, where there has been a 419% increase in attacks related to web applications and APIs in the last year