Press Releases May 20, 2026 06:28 AM

Financial Services at Risk: DDoS Attacks Are Bigger, Longer, and More Complex, Akamai Research Finds

Akamai's report reveals rising AI-powered DDoS cyberattacks heavily targeting financial services, highlighting security challenges amid digital transformation.

By Derek Hwang
Share
Twitter Reddit Facebook LinkedIn
AKAM

Akamai Technologies' recent State of the Internet Security report exposes a significant increase in sophisticated AI-driven DDoS attacks and API security incidents targeting the financial services sector. The report also highlights regional variations in attack types and underscores the urgent need for advanced cybersecurity defenses within financial institutions.

Financial Services at Risk: DDoS Attacks Are Bigger, Longer, and More Complex, Akamai Research Finds
AKAM
Summarize with
ChatGPT Perplexity Claude Grok Gemini

Key Points

  • Financial services are the primary target for AI-empowered DDoS attacks, with attack duration increasing by 738% since 2024.
  • 96% of surveyed financial service leaders experienced API security incidents in the past year, emphasizing vulnerabilities in digital banking and payments.
  • Regional attack patterns differ: EMEA faces mostly Layers 3 and 4 DDoS attacks, APAC sees more Layer 7 attacks, and North America has prevalent web attacks.
  • Sectors impacted include financial services, cybersecurity technology providers, and cloud computing platforms.

CAMBRIDGE, Mass., May 20, 2026 (GLOBE NEWSWIRE) -- Cybercriminals are now targeting financial services more than any other industry for web and API (Layers 3 and 4) distributed denial-of-service (DDoS) attacks, Akamai (NASDAQ: AKAM) reveals in its AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services State of the Internet (SOTI) Security report. The findings highlight a dangerous shift as pro-Iran hacktivists and AI-driven bots weaponize DDoS tactics to disrupt online banking, payment systems, and critical applications.

Driven by AI-powered infrastructure, the median duration of global Layers 3 and 4 DDoS attacks targeting the financial services sector is up 738% since 2024. This shows that while digital transformation has enabled advances such as online banking and real-time payments, it has also widened the doors for attackers.

Key findings of the report include:

  • Among the financial service leaders surveyed for the 2026 API Security Impact Study, 96% reported at least one API security incident over the past 12 months, the highest among all industries.
  • In 2025, 60% of total web attacks and 83% of incursions against API endpoints targeted banking.
  • Nearly 80% of financial institutions have faced ransomware attacks in the past two years, yet less than half have adopted advanced security technologies.
  • Advanced bot activity surged by 147% in late 2025 — and, in one case study, a staggering 96% of all site traffic was identified as malicious scraping bots.
  • Cyberattack methods against financial services vary significantly by region: EMEA is the primary target for Layers 3 and 4 DDoS (62%), APAC is the most targeted by Layer 7 DDoS (52%), and in North America, web attacks are the most prevalent (44%).

“Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime, and financial services are in the crosshairs," said Steve Winterfeld, Advisory CISO of Akamai. “In addition, the data shows that APIs are increasingly targeted as AI doesn't reduce traditional security risks, it puts them on steroids. Fortunately, financial services organizations can leverage the security strategies and best practices detailed in this report."

AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services also includes: data-supported trends on criminal activity, a guest column by the CISO of FS-ISAC, a security spotlight on MITRE capabilities, a cloud spotlight on the differences among AI architectures, and practical DNS and DDoS attack mitigation strategies.

Now in their 12th year, Akamai’s SOTI Security reports continue to offer critical insights on cybersecurity trends and web performance, drawn from attacks viewed across Akamai’s cybersecurity protective infrastructure, which handles a significant portion of global web traffic.

About Akamai

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

Contacts
Akamai Media Relations
[email protected]

Akamai Investor Relations
[email protected]


Risks

  • Escalating cyber threats may lead to operational disruptions and financial losses in banking and payment systems.
  • Insufficient adoption of advanced security technologies in financial institutions increases vulnerability to ransomware and botnet attacks.
  • Continued AI-driven attack sophistication could outpace existing defenses, raising systemic risks in digital financial infrastructure.

More from Press Releases

FTI Consulting Expands UK TMT Leadership to Help Companies Navigate Regulatory Scrutiny, Transformation and Stakeholder Pressure Jul 8, 2026 FuelCell Energy Announces Upsize and Pricing of Offering of Common Stock Jul 7, 2026 Concorde International Group Announces Receipt of Nasdaq Notification Regarding Minimum Bid Price Deficiency Jul 7, 2026 Bone Biologics Announces up to $9.0 Million Private Placement Priced At-The-Market Under Nasdaq Rules Jul 7, 2026 IperionX Announces Pricing of Public Offering of American Depositary Shares Jul 7, 2026