Banks faced the most attacks (58%) followed by other financial services such as FinTech, capital markets, property and casualty insurance, and payment and lending companies (28%). Insurance companies accounted for 14% of web app and API traffic within the financial services sub-verticals, according to the report.
Local file inclusion biggest driver of web app, API attacks
Local file inclusion (LFI) vulnerabilities were the top driver of web app and API attacks, accounting for almost 58%. LFI enables attackers to launch a directory traversal (also known as path traversal) attack and subsequently gain access to sensitive information, Akamai wrote. Adversaries use LFI for a variety of nefarious purposes such as exposing files or disclosing information on web servers, performing remote code execution (RCE), or gaining a foothold in an enterprise network.
LFI vulnerabilities were followed by cross-site scripting (XSS) and structured query language injection (SQLi), accounting for 24% and 11% of web app and API attacks, respectively.
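To make the three attack categories the report counts concrete from the defender's side, the following is an added example in Python; it is not code from the CSO article or from Akamai. It classifies constructed web-server access-log lines into LFI (path traversal), XSS and SQLi buckets with simple signatures and tallies them, and it includes a hardened file-resolution routine of the kind that closes the traversal hole LFI relies on. The log lines, the signature patterns and the `/srv/files` base directory are all assumptions made for this example; a production WAF uses far richer normalisation and rule sets than the three regexes shown here.

```python
import re
import urllib.parse
from collections import Counter
from pathlib import Path

# Constructed sample access-log lines (assumption: not from the Akamai report).
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jan/2024:10:00:01 +0000] "GET /static/css/site.css HTTP/1.1" 200 512
203.0.113.11 - - [01/Jan/2024:10:00:02 +0000] "GET /download?file=../../../../etc/passwd HTTP/1.1" 403 0
203.0.113.12 - - [01/Jan/2024:10:00:03 +0000] "GET /download?file=..%2F..%2Fboot.ini HTTP/1.1" 403 0
203.0.113.13 - - [01/Jan/2024:10:00:04 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 1024
203.0.113.14 - - [01/Jan/2024:10:00:05 +0000] "GET /account?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 500 0
203.0.113.15 - - [01/Jan/2024:10:00:06 +0000] "GET /download?file=report-2023.pdf HTTP/1.1" 200 20480
"""

# Pulls the method and request target out of a common-log-format line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Minimal signature rules, checked in this order (assumption: illustrative only).
RULES = {
    "LFI": re.compile(r"\.\.[/\\]"),                                   # ../ or ..\ segments
    "XSS": re.compile(r"<\s*script|javascript:|\bon\w+\s*=", re.I),    # script tags / handlers
    "SQLi": re.compile(r"('|\")\s*(or|and)\s+('|\")?\d|union\s+select", re.I),
}


def normalise(target):
    """Percent-decode twice so double-encoded payloads are seen in their decoded form."""
    return urllib.parse.unquote(urllib.parse.unquote(target))


def classify(line):
    """Return the first matching category for one log line, or 'benign'/'unparsed'."""
    m = LOG_RE.search(line)
    if not m:
        return "unparsed"
    target = normalise(m.group("target"))
    for name, rx in RULES.items():
        if rx.search(target):
            return name
    return "benign"


def tally(log_text):
    """Count lines per category, the way a report breaks attacks down by type."""
    return dict(Counter(classify(l) for l in log_text.splitlines() if l.strip()))


def safe_resolve(base_dir, requested):
    """Resolve a user-supplied file name under base_dir, rejecting anything that escapes it.

    resolve() collapses '..' segments and follows symlinks, so a symlink inside
    base_dir that points outside is also rejected. Returns a Path or None.
    """
    base = Path(base_dir).resolve()
    # An absolute 'requested' would replace base here; the relative_to check catches that too.
    candidate = (base / urllib.parse.unquote(requested)).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    return candidate


if __name__ == "__main__":
    for category, count in sorted(tally(SAMPLE_LOG).items()):
        print(f"{category:8s} {count}")
    for name in ("report-2023.pdf", "../../../../etc/passwd", "/etc/passwd"):
        print(f"{name!r:32s} -> {safe_resolve('/srv/files', name)}")
```

Running the block prints two LFI, one XSS, one SQLi and two benign lines, and shows that only `report-2023.pdf` resolves to a path inside `/srv/files`. The ordering of the rules matters: a payload can match more than one signature, and a real deployment would score all matches rather than stop at the first.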
“As technology reshapes the financial services landscape, firms must take an active, ongoing approach to hardening systems and managing third-party risk,” Teresa Walsh, global head of intelligence at the Financial Services Information Sharing and Analysis Center (FS-ISAC), tells CSO.
Apps and APIs must be kept patched and current, and it’s also important to share threat intelligence and test incident response processes through exercises, both within organizations and across the industry, she adds.
Financial services top DDoS targets as Layer 3 and 4 attacks increase
The financial services sector is now the top vertical for DDoS attacks, surpassing gaming, with the EMEA region accounting for 63.5% of global DDoS events, according to Akamai’s report. Layer 3 and Layer 4 DDoS attacks against financial services have increased, with EMEA seeing almost twice as many of these attack events as North America (32.58%). Akamai surmised this was due to Europe’s close ties with Ukraine, with financially and politically motivated attacks by Russia in relation to the Russia-Ukraine conflict.