Financial services firms are increasingly being targeted by distribute-denial-of services (DDoS) attacks as a new report showed a 22% uptick in the number of such attacks in the last year.
This is especially true across Europe, where the attacks increased by 73%, and where financial services were the target of 50% of all DDoS assaults.
Entitled The Evolution of DDoS: Return of the Hacktivists, the report finds that much of the increase in DDoS attacks is driven by groups that have taken sides in the Russia-Ukraine war or other geopolitical conflicts. This includes organisations such as Killnet, which has targeted the United States and nations throughout Europe.
The report was conducted through the collaboration of FS-ISAC – the member-driven, not-for-profit organisation that advances cybersecurity and resilience in the global financial system – and Akamai Technologies.
“We teamed up with FS-ISAC to produce the report in an effort to better educate the financial community about the threats of DDoS and to offer some threat trends and best practices for the sector to better combat these attacks,” said Steve Winterfeld, advisory CISO at Akamai Technologies.
“Though DDoS attacks have been around for some time, we are seeing that they are evolving in new, innovative and aggressive ways.”
Steve Winterfeld, Akamai Technologies
The collaboration on this report is a product of Akamai’s founding participation in FS-ISAC’s Critical Providers Program, launched in 2022 to bolster the financial sector’s supply chain security.
“The continued evolution of DDoS shows that it is far from a solved problem,” said Teresa Walsh, global head of intelligence at FS-ISAC.
“Working with our sector’s critical providers like Akamai, who have first-hand knowledge of how DDoS is affecting the financial sector, enables us to arm our members with the understanding and guidance they need to better protect their firms and customers.”
Teresa Walsh, FS-ISAC
Other major findings of the report include:
- Taking a cue from ransomware attacks, many DDoS campaigns now include extortion tactics.
- DDoS can serve as a cover for other, potentially more damaging cyber activities such as infiltration of systems and exfiltration of data and malware installation. This means that when cybersecurity teams encounter DDoS, they must also be on the alert for other types of attacks, putting extra strain on already limited resources.
- The evolution of DDoS means that firms must update their risk profiles and mitigation measures accordingly. Far from a low-level annoyance, DDoS should increasingly be considered a key cyber defense challenge. The report discusses several mitigation strategies, including network best practices, cyber hygiene and resilience.
- As more services are moved to the cloud or contracted in an aaS (as-a-Service) model, those services will depend on other supply chain components. Service disruptions anywhere in the supply chain can have a serious impact on an organisation's operation.