The global financial sector is experiencing a significant surge in Distributed Denial-of-Service (DDoS) attacks, with cybercriminals increasingly targeting banks, payment systems, and online financial platforms. This trend, highlighted in recent research from Akamai, underscores the escalating risks faced by the industry.
Akamai’s latest State of the Internet (SOTI) Security report, titled AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services, warns that AI-driven botnets and politically motivated hacktivist groups are intensifying the cyber threat landscape for financial institutions. The report indicates that Financial Services DDoS attacks have become more persistent and operationally disruptive, particularly affecting Layers 3 and 4 of web and API infrastructure.
Financial Services DDoS Attacks Top the Chart
According to the report, financial services organizations are now the most targeted sector for web and API DDoS attacks. Akamai revealed that the median duration of global Layers 3 and 4 Financial Services DDoS attacks has surged by 738% since 2024. This increase is attributed to the rise of AI-powered attack infrastructure and heightened hacktivist activity, including campaigns linked to pro-Iran cyber groups.
Researchers noted that attackers are increasingly focusing on:
- Online banking systems
- Real-time payment platforms
- API infrastructure
- Customer-facing financial applications
The report emphasizes that as financial institutions expand their digital banking and payment services, their reliance on APIs and cloud-connected infrastructure has also broadened the attack surface available to threat actors.
API-Related Cyber Risks Emerging as Major Security Weakness
One of the most significant findings in the report concerns API-related cyber cybersecurity/” title=”risks” data-wpil-keyword-link=”linked” data-wpil-monitor-id=”28399″>risks. The 2026 API Security Impact Study revealed that 96% of financial service leaders surveyed reported at least one API security incident within the past year, the highest rate recorded among all industries included in the research.
The report also highlighted that:
- 60% of all web attacks in 2025 targeted banking institutions
- 83% of attacks against API endpoints focused on financial organizations
Researchers warned that APIs are increasingly becoming high-value targets, as they support critical services such as digital payments, account management, authentication systems, and mobile banking applications. Steve Winterfeld, Advisory Chief Information Security Officer at Akamai, stated that APIs are now central to modern cyberattacks against financial institutions.
Winterfeld noted that “Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime, and financial services are in the crosshairs.” He added that artificial intelligence is accelerating existing cybersecurity threats rather than replacing them.
AI Botnets Driving DDoS Campaigns
The report underscores how AI-driven infrastructure is enabling attackers to automate and scale malicious operations more effectively. Researchers observed a 147% increase in advanced bot activity during late 2025. In one case study referenced by Akamai, nearly 96% of all traffic reaching a targeted website was identified as malicious scraping bot activity.
Akamai warned that AI-powered botnets are complicating the detection and mitigation of Financial Services DDoS attacks, as attackers can dynamically adapt their attack patterns and traffic behavior. These botnets are also employed to:
- Overwhelm infrastructure
- Disrupt payment systems
- Target APIs
- Scrape sensitive data
- Launch credential abuse campaigns
Cybersecurity experts have increasingly warned that AI-enabled automation allows threat actors to conduct large-scale attacks with fewer technical resources.
Attack Patterns Differ Across Global Regions
The research also identified significant regional differences in cyberattack patterns targeting financial institutions. The report found that:
- Europe, the Middle East, and Africa accounted for 62% of Layers 3 and 4 DDoS attacks
- Asia-Pacific experienced 52% of Layer 7 DDoS attacks
- North America recorded the highest volume of web attacks at 44%
Researchers indicated that these differences reflect varying attacker strategies, infrastructure deployment patterns, and regional cybersecurity maturity levels. The report also revealed that nearly 80% of financial institutions experienced ransomware attacks over the past two years. However, fewer than half of surveyed organizations reported adopting advanced cybersecurity technologies capable of addressing modern attack methods.
Growing Pressure on Financial Sector Cybersecurity
The latest findings contribute to rising concerns regarding operational resilience within the global financial industry. As banks and financial institutions accelerate digital transformation initiatives, cybersecurity teams are challenged to defend increasingly complex environments that heavily rely on APIs, cloud platforms, automated infrastructure, and third-party integrations.
The research suggests that organizations must enhance visibility into APIs, strengthen DDoS mitigation strategies, and modernize threat detection capabilities to effectively address the evolving threat landscape. The SOTI report also provides guidance on DNS security, DDoS mitigation practices, AI architecture security considerations, and insights from financial sector cybersecurity experts, including contributions from the FS-ISAC.
Source: thecyberexpress.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
