APAC financial sector faces 245% surge in DDoS attacks, report finds
Financial institutions in the Asia-Pacific (APAC) region saw a 245% rise in volumetric Layer 3 and 4 distributed denial-of-service (DDoS) attacks last year, accounting for 38% of such incidents globally, according to a new joint report by FS-ISAC and Akamai.
The report, titled From Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector, outlines the growing scale and persistence of DDoS attacks targeting APAC's financial sector. In 2023, APAC only accounted for 11% of these incidents, highlighting the extent of the increase.
The analysis found that over 20 financial institutions across six countries were affected by sustained DDoS campaigns in the fourth quarter of 2024, creating downstream risk that could impact up to USD $8 trillion in value. These attacks were notable not for their size, but for their persistence and continuity, a trend not previously seen in APAC.
The wave of attacks impacted multiple sectors, including retail banking, payment processing, investment banking, and financial governmental institutions. The report attributes a significant growth in application-level (Layer 7) attacks to the increasing use of application programming interfaces (APIs) within financial services. This expansion of digital infrastructure has introduced new vulnerabilities and a broader attack surface for malicious actors.
FS-ISAC's Chief Intelligence Officer and Managing Director, EMEA, Teresa Walsh, commented on the changing character of DDoS threats: "DDoS attacks are becoming increasingly sophisticated, evolving from simple network flooding to targeted, multi-dimensional assaults that exploit intricate vulnerabilities across the entire supply chain. As threat tactics continue to evolve — including those impacting APAC's increasingly digital financial systems — we must ensure our technical defenses evolve and our people, tools, and processes work seamlessly together. It is critical that we harden our infrastructure and foster a culture of continuous vigilance and collaboration to protect continuity and customer trust."
Reuben Koh, Director of Security Technology & Strategy, APJ at Akamai, highlighted the changing nature of DDoS campaigns in the region: "DDoS attacks in APAC are no longer blunt-force attempts, but sophisticated multi-vector campaigns that exploit vulnerable systems and exposed APIs. As highly coveted target sectors like financial services, commerce, and manufacturing accelerate digital growth, these continuous attacks pose growing operational and reputational risks, and organizations must work with trusted cybersecurity partners who can provide the intelligence, scalability, and agility needed to defend themselves in today's threat landscape."
The joint report also connects the increase in attacks to broader developments, including ongoing geopolitical tensions such as the Israel-Hamas and Russia-Ukraine conflicts. These events have led to a noted rise in ideologically driven hacktivism and blurred the lines between DDoS-for-Hire groups, hacktivists, and state-sponsored actors. The proliferation of DDoS-for-Hire platforms has made these attack tools accessible to a wider range of threat actors.
Globally, the financial sector remained the most targeted industry segment for Layer 3 and 4 DDoS attacks, making up 37% of incidents. This marks the second consecutive year that financial services have led in reported attack numbers, followed by gaming at 20% and manufacturing at 17%. No other sector experienced a similar surge, according to the report's findings.
The publication discusses strategies for improving defences through the FS-ISAC and Akamai-developed DDoS Maturity Model. This framework provides a benchmark for readiness and recommends targeted investment in defence strategies for organisations managing financial infrastructure and sensitive data.
The DDoS Maturity Model highlights several key actions for financial institutions and related entities: Adopt real-time behavioural analytics and traffic baselining
Implement threat intelligence-led automation for detection and mitigation
Strengthen DNS and API security with continuous testing and hardening
Use geo-IP filtering to reduce exposure from high-risk regions
The report also contains regional data, profiles of hacktivist groups, and an overview of mitigation strategies and best cyber hygiene practices. It notes the importance of mapping organisational capabilities and practices against different stages of maturity in DDoS defence, offering a structured approach to managing a rising strategic threat.
Akamai's collaboration with FS-ISAC on this research builds on the company's involvement in FS-ISAC's Critical Providers Program, which was launched to strengthen supply chain security within the financial sector.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
3 days ago
- Techday NZ
Verax launches Protect to tackle AI data leak risks for firms
Verax AI has announced the global launch of Verax Protect, a solution designed for enterprise use to uncover and mitigate risks associated with Generative AI, with a particular focus on preventing the unintended leakage of sensitive data. The adoption of Generative AI in workplaces is continuing to rise, with many businesses turning to such technology to enhance productivity. However, this rapid integration is exposing us to a number of significant risks, particularly the risk of data leakage. One key concern is that employees might input sensitive data or proprietary information into AI prompts, unintentionally sharing it with external third-party platforms. Recent data shows that over 40% of businesses in the United States now have paid subscriptions to AI models, platforms, and tools, a substantial increase from just 5% in 2023. At the same time, 30% of organisations using AI have already experienced incidents related to AI security. These incidents are also becoming increasingly costly; the global average cost of a data breach reached an all-time high of USD $4.88 million in 2024, a 10% increase from the previous year. Verax Protect is positioned to assist enterprises, including those operating in highly regulated sectors such as finance, healthcare, and defence, in harnessing the advantages of AI while maintaining compliance with data privacy and cybersecurity standards. The solution is designed to support these organisations in avoiding compromises in their stringent data protection regimes as they expand their use of AI. Core features Verax Protect features several core components designed to address key enterprise concerns. The solution aims to prevent proprietary and sensitive data from being inadvertently leaked into third-party AI tools. As AI platforms encourage users to input as much information as possible for optimal results, this has sometimes resulted in employees exposing confidential information to providers that their organisation has not fully vetted. Another key capability is preventing AI tools from disclosing information to staff who are not authorised to access it. The growing use of AI for tasks such as generating reports and summarising company documents increases the risk that internal data could be overshared, placing sensitive material at risk of being viewed by unauthorised personnel. Verax Protect also facilitates the enforcement of organisational AI policies by automating compliance measures. Traditionally, companies have relied on approaches such as employee training sessions and reminder pop-ups to ensure compliance, though these methods have proven largely ineffective. The automated approach aims to reduce the chances of both accidental and deliberate violations of internal policies. In addition to these controls, the solution is designed to help organisations meet security and data protection certification requirements. Many regulatory frameworks, such as the General Data Protection Regulation (GDPR) in Europe or sector-specific laws in the United States, like HIPAA for healthcare and GLBA for financial services, mandate demonstrable efforts to safeguard sensitive data. The adoption of Generative AI presents new challenges around implementing and demonstrating such protections. Verax Protect provides tools to support compliance initiatives and document data safeguarding activities even as AI use increases. Executive insight The launch of Verax Protect is the latest step for the company, which was founded in 2023 by Leo Feinberg, Co-founder and Chief Executive Officer, and Oren Gev, Chief Technology Officer. The two previously founded CloudEndure, a cloud migration and disaster recovery business, was later acquired by Amazon Web Services for USD $250 million. Leo Feinberg, commented: "Generative AI is a double-edged sword. It promises unprecedented gains in productivity, but it also introduces unprecedented risks. With Verax Protect, we're enabling enterprises to stay competitive by leveraging the power of AI without compromising the security, privacy, and compliance of their most sensitive data." Verax AI also offers other products designed to govern AI usage, including Verax Explore and Verax Control. These tools are intended to help organisations monitor and manage both their internal and external use of AI technologies. According to the company, Verax Protect operates as a real-time oversight and risk mitigation tool tailored to the requirements of modern enterprises. The system integrates with internal business systems and provides adjustable controls that reflect both technical and organisational policy requirements. The increasing prevalence of AI adoption in regulated industries underlines the need for effective risk management and oversight. Verax Protect is designed with these requirements in mind, aiming to help businesses benefit from the productivity enhancements of AI while continuing to meet regulatory and security expectations.
Techday NZ
4 days ago
- Techday NZ
Gigamon set to lead deep observability with 52 percent share by 2025
New research from Frost & Sullivan reveals that Gigamon is projected to command a 52 percent share of the global deep observability market in 2025, as organisations place a greater emphasis on securing hybrid cloud infrastructure. Frost & Sullivan's analysis, commissioned by Gigamon, estimates the total addressable market for deep observability will reach USD $880 million in 2025 and expand to USD $2.7 billion by 2029, representing a compound annual growth rate of 33 percent. Market drivers The study highlights that growing adoption of hybrid cloud, increased threat complexity, and the proliferation of artificial intelligence (AI) workloads are key factors driving demand for deep observability solutions. As the number and sophistication of attacks increases, traditional log-based security tools are viewed as insufficient for protecting distributed environments. According to the recent Gigamon 2025 Hybrid Cloud Security Survey of over 1,000 global security and IT leaders, real-time monitoring and visibility across all data in motion are now the top priorities for modern defence strategies. Nearly 89 percent of respondents agreed that deep observability is foundational to effective cloud security. Definition and benefits Frost & Sullivan defines deep observability as the efficient provision of network-derived telemetry to cloud, security, and observability tools. Unlike traditional log analytics, deep observability enhances visibility across complex, hybrid architectures by leveraging detailed insights from network traffic rather than solely relying on pre-existing data logs. The research states that this approach allows security and IT teams to gain a comprehensive view of network and application performance, which in turn can improve security postures and reduce risk by identifying otherwise undetected threats and vulnerabilities. "Over the past year we've seen organisations increasingly prioritise visibility into all data in motion, as they seek to secure their hybrid cloud environments against an accelerating threat landscape," stated Vinay Biradar, Associate Director, Cybersecurity Advisory at Frost & Sullivan. "The increasing complexity of dynamic and distributed workloads is driving a shift in security investments toward solutions that help deliver complete visibility and reduce risk. Our research once again highlights Gigamon as the industry leader, due to its Deep Observability Pipeline and vast ecosystem, as it delivers the rich network-derived telemetry that modern security tools need to effectively secure data and infrastructure from evolving cyberthreats." Sector adoption and drivers Uptake is especially strong among large enterprises with more than 5,000 employees and US Federal Agencies, owing partially to mandatory requirements relating to Zero Trust architectures. The research found that the US Federal government exhibits the highest adoption rate within its sector due to compliance with Zero Trust regulations. Other reported drivers for adopting deep observability solutions include operational efficiency, cost reduction, improved compliance and governance, and the need for comprehensive insight into network traffic, particularly as organisations deploy new AI workloads at scale. Shane Buckley, President and CEO at Gigamon, commented on the evolving technology landscape: "AI is upping the ante for organisations, making complete visibility into all data in motion even more challenging across hybrid cloud infrastructure as organisations rapidly deploy new AI workloads. Increasingly, our customers are relying on the network-derived telemetry we deliver across their virtual machines, containers, cloud, and physical infrastructure, to help eliminate blind spots and vulnerabilities where threat actors could hide. The continued validation of deep observability as a rapidly growing market category underscores its significance in modern cybersecurity tech stacks." Study methodology Frost & Sullivan's research was conducted through a top-down analysis of the deep observability market. This included estimates of the number of large global enterprises and US federal agency adoption rates, as well as typical enterprise spending on deep observability solutions. The findings were derived from both Frost & Sullivan's proprietary research and primary interviews with market participants, including Gigamon.
Scoop
4 days ago
- Scoop
Ceasefire Holds, But Experts Warn Cyber Tensions Between Iran And The West May Be Far From Over
As a U.S.-brokered ceasefire between Israel and Iran holds for now, cybersecurity experts are urging vigilance—noting that while military activity may have paused, cyber tensions are likely to continue simmering beneath the surface. 'In light of recent developments, the likelihood of disruptive cyberattacks against U.S. targets by Iranian actors has increased,' said John Hultquist, chief analyst at Google's Threat Intelligence Group. 'Iran already targets the U.S. with cyberespionage… and individuals associated with Iran policy should be on the lookout for social engineering schemes.' A new report from cybersecurity firm Radware adds weight to those concerns, warning that the Israel-Iran conflict has seen an evolution into a hybrid war that includes cyberspace. According to their latest advisory: Nearly 40% of global DDoS activity recently targeted Israel, with signs of spillover affecting the U.S., U.K., and Jordan. Hacker groups such as DieNet, Arabian Ghosts, and Sylhet Gang have issued warnings or taken credit for attacks, some aimed at Western nations. AI-generated disinformation and deepfakes have appeared across digital platforms, contributing to confusion and information warfare. 'Critical infrastructure, supply chains, and global businesses could become collateral targets if cyber tensions escalate further,' said Pascal Geenens, Director of Threat Intelligence at Radware. 'The Israel-Iran conflict of 2025 is a stark illustration of how modern hybrid warfare plays out online as much as in the real world.' While the ceasefire has reduced the immediate risk of open military confrontation, experts believe that cyberspace may remain a domain for ongoing friction—especially as cyber operations allow for plausible deniability and targeted disruption. Hultquist cautioned that while Iranian cyber operations may sometimes exaggerate their impact, the risk for individual organisations remains serious. 'We should be careful not to overestimate these incidents and inadvertently assist the actors,' he said. 'The impacts may still be very serious for individual enterprises, which can prepare by taking many of the same steps they would to prevent ransomware.' For now, the digital front may be quiet—but beneath the surface, it's likely that espionage and influence operations are still underway.
