Bad actors aiming to overwhelm organizations’ networks via distributed denial-of-service (DDoS) attacks have targeted the financial industry most frequently.

Data from the Financial Services Information Sharing and Analysis Center (FS-ISAC) and cybersecurity firm Akamai revealed that DDoS attack frequencies surged exponentially from 2014 to 2024, peaking in October with 350 reported incidents. Each incident typically involved thousands—or even millions—of malicious activities.

According to the study, the financial industry was unequivocally
the most frequently targeted sector, and the frequency of DDoS attacks against it has continued to rise. While these attacks commonly target organizational websites, they also frequently affect APIs that handle functions such as logins and payments.

Multidimensional Assaults

APIs serve as critical connections for modern banking infrastructure, enabling banks to collaborate with partners for services like credit scoring and peer-to-peer payments.

Though the widespread adoption of APIs has transformed many financial institutions’ operations positively, it has also expanded the potential attack surface available to bad actors.

Despite effective defenses in place, DDoS attacks are increasingly sophisticated, evolving from mere network flooding to targeted, multidimensional assaults that exploit complex vulnerabilities throughout the supply chain, as noted by Teresa Walsh, FS-ISAC’s Chief Intelligence Officer and Managing Director of EMEA.

Outsourcing Operations

Although DDoS attacks are becoming more intricate, they are not unattainable for cybercriminals. DDoS usage is on the rise, making it easier for criminals to outsource their operations. This trend not only simplifies the initiation of such attacks but also complicates efforts to identify perpetrators.

DDoS fits into the growing cybercrime-as-a-service model where illicit software or services are provided by criminals for financial gain. As these services become more sophisticated on a larger scale, financial institutions must continually seek new methods to defend themselves.