CyberSecurity SEE

Cybercriminals increasingly target financial services with surge in web app and API attacks

A recent report by Akamai, a leading cybersecurity company, has revealed that banks are the most targeted institutions when it comes to web app and API attacks. The report, which analyzed data from various financial services sub-verticals, found that 58% of attacks were directed towards banks. Other financial services, including FinTech, capital markets, property and casualty insurance, and payment and lending companies, accounted for 28% of the attacks. Insurance companies made up the remaining 14%.

The report also highlighted that the primary driver of these attacks was local file inclusion (LFI) vulnerabilities. LFI vulnerabilities allow attackers to launch a directory traversal attack, gaining unauthorized access to sensitive information. Adversaries exploit LFI for various purposes, such as exposing files, disclosing information, executing remote code, or infiltrating enterprise networks. Approximately 58% of web app and API attacks were attributed to LFI vulnerabilities. Cross-site scripting (XSS) and structured query language injection (SQLi) were also prevalent, accounting for 24% and 11% of attacks, respectively.

Teresa Walsh, the global head of intelligence at the Financial Services Information Sharing and Analysis Center (FS-ISAC), emphasized the importance of taking proactive measures to secure systems and manage third-party risk. She stated that in light of the evolving financial services landscape, organizations must adopt an ongoing approach to system hardening. This includes keeping apps and APIs up to date through regular patching, sharing threat intelligence, and conducting incident response exercises. Collaboration within organizations and across the industry is also crucial in mitigating future attacks.

In addition to web app and API attacks, the report highlighted the rise of Distributed Denial-of-Service (DDoS) attacks against the financial services sector. The financial services industry has now become the primary vertical targeted by DDoS attacks, surpassing the gaming industry. The report revealed that the EMEA region accounted for 63.5% of global DDoS events, with a significant increase in Layer 3 and Layer 4 attacks targeting financial services. Europe, particularly due to its close ties with Ukraine, has been a prime target for financially and politically motivated attacks by Russia in relation to the ongoing Russia-Ukraine conflict. EMEA experienced nearly double the number of DDoS attacks compared to North America (32.58%).

These findings highlight the urgent need for the financial services industry to strengthen its cybersecurity defenses. As cyber threats continue to evolve and become more sophisticated, organizations must prioritize the protection of their web applications, APIs, and networks. Implementing robust security measures, staying updated on the latest vulnerabilities, and fostering collaboration among industry stakeholders are crucial steps in safeguarding against these attacks. By taking proactive measures, the financial services sector can better protect sensitive customer data and maintain the trust and confidence of its clients.
