Cybercriminals are now targeting financial services more than any other industry for web and API (Layers 3 and 4) distributed denial-of-service (DDoS) attacks, Akamai reveals in its AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services State of the Internet (SOTI) Security report. The findings highlight a dangerous shift as pro-Iran hacktivists and AI-driven bots weaponize DDoS tactics to disrupt online banking, payment systems, and critical applications.
Driven by AI-powered infrastructure, the median duration of global Layers 3 and 4 DDoS attacks targeting the financial services sector is up 738% since 2024. This shows that while digital transformation has enabled advances such as online banking and real-time payments, it has also widened the doors for attackers.
“Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime, and financial services are in the crosshairs,” said Steve Winterfeld, Advisory CISO of Akamai. “In addition, the data shows that APIs are increasingly targeted as AI doesn’t reduce traditional security risks, it puts them on steroids. Fortunately, financial services organizations can leverage the security strategies and best practices detailed in this report.”
AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services also includes: data-supported trends on criminal activity, a guest column by the CISO of FS-ISAC, a security spotlight on MITRE capabilities, a cloud spotlight on the differences among AI architectures, and practical DNS and DDoS attack mitigation strategies.
Now in their 12th year, Akamai’s SOTI Security reports continue to offer critical insights on cybersecurity trends and web performance, drawn from attacks viewed across Akamai’s cybersecurity protective infrastructure, which handles a significant portion of global web traffic.
