The financial services sector faces a growing trend in which cyber threats are escalating, with distributed denial-of-service (DDoS) attacks emerging as a real concern. A comprehensive joint report released by FS-ISAC and Akamai Research reveals alarming trends that should concern every financial institution, from community banks to global investment firms.
The data paints a sobering picture. The financial services sector has become the most targeted sector for volumetric DDoS attacks, with threat actors increasingly viewing banks, credit unions, and other financial institutions as high-value targets. This isn’t merely about temporary website outages anymore. These attacks have evolved into sophisticated, strategic operations designed to undermine customer confidence, disrupt operations, and inflict measurable financial damage.
The attacks are more sophisticated, what was once mostly simple network flooding attempts have morphed into multi-dimensional assaults that exploit vulnerabilities across entire supply chains. Cybercriminals now deploy precision-targeted attacks that mimic legitimate user behaviour, making detection exponentially more challenging for security teams.
The statistics reveal the true scope of this threat. Application layer DDoS attacks against financial institutions surged by 23% between 2023 and 2024, with October 2024 marking a particularly devastating spike in activity. This growth trajectory suggests that financial services organisations are not just experiencing more attacks—they’re facing fundamentally different and more dangerous attackers.
The Asia Pacific region experienced the most dramatic shift, with DDoS attacks on financial services jumping from 11% to 38% of all volumetric attacks in the region. This geographic expansion demonstrates how cybercriminals are adapting their strategies to exploit emerging markets and digital transformation initiatives across different continents.
So what is helping drive this change? Perhaps most concerning is the proliferation of DDoS-for-hire services specifically targeting financial institutions. These services democratise sophisticated attack capabilities, allowing even relatively inexperienced actors to launch damaging campaigns. The widespread availability of these services also makes attribution extremely difficult, complicating efforts to understand attacker motivations and develop targeted mitigation strategies.
This commoditisation of DDoS attacks means that financial institutions face threats not just from sophisticated state actors or organised crime groups, but from a much broader range of potential attackers. The barrier to entry for launching effective DDoS campaigns has never been lower.
Path Forward
Recognising these evolving threats, FS-ISAC and Akamai have developed a comprehensive five-level DDoS Maturity Model specifically designed for financial institutions. This framework provides a roadmap for organisations to assess their current defensive capabilities and identify areas for improvement.
The maturity model emphasises that effective DDoS defence requires more than just technical solutions. It demands a holistic approach that integrates people, processes, and technology into a seamless defence strategy. Organisations must foster a culture of continuous vigilance while ensuring their technical defences evolve in tandem with the evolving threat landscape.
Key defensive strategies include implementing robust cyber hygiene fundamentals, establishing comprehensive monitoring capabilities, and developing incident response procedures specifically tailored to DDoS attacks. Financial institutions must also invest in threat intelligence capabilities that can help them understand the evolving tactics of their adversaries. Equally important is having services that will defend against such attacks before they get to you so examining the route in which traffic gets to your services and investing in defences there.