Cyberattacks on European financial services more than doubled in 2023

A new State of the Internet report that explores existing and emerging cyberattacks against the financial services industry, finds that financial services is the third-most attacked vector in the Europe, Middle East, and Africa (EMEA) region

The High Stakes of Innovation: Attack Trends in Financial Services found there were approximately 1 billion web application and API attacks, which represents a significant 119% year-over-year increase when comparing Q2 2022 with Q2 2023.

In EMEA, insurance is by far the most attacked sub-vertical of financial services with 54.5% of all web cyberattacks, which represents a 68% increase year over year.

Insurance companies hold a huge amount of personally identifiable information, which makes them an attractive target for cybercriminals in contrast with other financial services organisations that hold mostly financial data.

The report also finds that as a region, EMEA experienced the most DDoS cyberattack events (63.5% of attacks worldwide), which is nearly double the number in North America, the next top region (32.6%).

The United Kingdom tops the list in EMEA at 29.2% of DDoS attack events, followed by Germany at 15.1%.

Akamai surmises that the attacks on the European banks that are allies of Ukraine are financially and politically motivated by Russia’s continued war in Ukraine and are the primary reason for the increase in attack events in EMEA.

Top 5 insights:

1. Web application and API attacks in the financial services industry grew by 65% when comparing Q2 2022 with Q2 2023, accounting for 9 billion attacks in 18 months. This was driven in part by cybercriminal groups’ active pursuit of zero-day and one-day vulnerabilities as pathways for initial intrusion.
2. Financial services continues to see a rise in Layer 3 and Layer 4 DDoS attacks and has surpassed gaming as the top vertical. This increase appears to be caused by the dramatic surge in thepower of virtual machine botnets and pro-Russian hacktivism motivated by the Russia–Ukraine conflict.
3. The Europe, Middle East, and Africa (EMEA) region accounts for 63.52% of Layer 3 and Layer 4 DDoS events, continuing the “regional shift” trend observed last year. The number of attacks against this region was nearly double the number of the next top region. We surmise this is due to the attacker groups’ financial and political motivations against European banks. Additionally, this shows how easily adversaries can quickly switch their attention.
4. While the financial services industry has fewer third-party scripts than other industries (30%), it is prone to attacks like web skimming. However, financial services organizations are proactively fighting back with the adoption of solutions to comply with the new requirements of the Payment Card Industry Data Security Standard (PCI DSS) v4.0.
5. The ascending number of malicious bot requests (1.1 trillion), which spiked by 69%, exemplifies the continued assaults against financial services customers and their data via attacks like account takeovers and risks posed by financial aggregators.

“As cybercriminals continue to follow the money, financial services remains a hugely attractive target. At the same, this is one of the most regulated sectors and hence it is essential for companies to align their security strategy with emerging laws and regulations,” said Richard Meeus, Akamai’s Director of Security Technology and Strategy, EMEA.

“The High Stakes of Innovation: Attack Trends in Financial Services aims to provide insights that will equip this sector with the tools needed to improve security for their customers.”