Financial services organizations have been inundated with a wave of distributed denial of service (DDoS) attacks this year, far surpassing any other industry, as a result of the escalating trend of hacktivism.
A recent report from Akamai revealed that from January 1 to June 30, the financial services sector experienced close to 3,000 Layer 3 and 4 DDoS attack incidents. These types of attacks, occurring at the network and transport layers of Internet communication, targeted financial institutions with unprecedented frequency. In comparison, the gaming, high tech, and manufacturing industries faced around 1,000 to 1,500 DDoS events each during the same period.
Experts attribute the surge in DDoS attacks to various factors, including the overall increase in DDoS incidents across all sectors, a rise in hacktivist campaigns tied to prominent geopolitical conflicts, emerging threats to application programming interfaces (APIs), and more.
The simplicity and effectiveness of launching a DDoS attack make it an attractive option for malicious actors. Richard Hummel, director of threat intelligence at Netscout, emphasized the ease of executing such attacks, stating, “They don’t have to find a vulnerability. They don’t have to find that gap in your armor. They can just literally sit there and hit a button.”
Hacktivism has played a significant role in driving DDoS attacks against financial institutions. In a recent incident on July 15, a major financial services company in Israel faced a massive onslaught orchestrated by a globally distributed botnet. The attack involved multiple vectors, including UDP flooding, DNS reflection, and more, reaching a peak data rate of 789GB per second. Despite enduring for hours, this attack was just one of the many politically motivated campaigns that targeted various financial institutions around the same time.
The connection between finance and politics has made financial institutions prime targets for hacktivists. Especially in regions where government and finance are closely linked, attacks against financial entities are perceived as strikes against the government itself. Hackers leverage political tensions to justify their actions, as seen in the targeted attacks on various financial institutions in Moldova and other conflict-ridden territories.
Moreover, the implementation of the Payment Services Directive 2 (PSD2) in Europe has inadvertently increased the vulnerability of financial services providers to DDoS attacks. By requiring open APIs for third-party services, PSD2 has expanded the attack surface for cybercriminals. The lack of visibility and control over API ecosystems within financial institutions has created additional entry points for attackers to exploit, leading to a rise in application-layer DDoS attacks targeting APIs.
As the threat landscape continues to evolve, financial services companies must prioritize API discovery and robust security measures to safeguard against DDoS attacks. Enhancing visibility and control over their API ecosystems can help organizations mitigate the risks posed by malicious actors seeking to disrupt their operations.