APAC financial sector faces 245% surge in DDoS attacks, report finds

Financial institutions in the Asia-Pacific (APAC) region saw a 245% rise in volumetric Layer 3 and 4 distributed denial-of-service (DDoS) attacks last year, accounting for 38% of such incidents globally, according to a new joint report by FS-ISAC and Akamai.
The report, titled From Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector, outlines the growing scale and persistence of DDoS attacks targeting APAC's financial sector. In 2023, APAC only accounted for 11% of these incidents, highlighting the extent of the increase.
The analysis found that over 20 financial institutions across six countries were affected by sustained DDoS campaigns in the fourth quarter of 2024, creating downstream risk that could impact up to USD $8 trillion in value. These attacks were notable not for their size, but for their persistence and continuity, a trend not previously seen in APAC.
The wave of attacks impacted multiple sectors, including retail banking, payment processing, investment banking, and financial governmental institutions. The report attributes a significant growth in application-level (Layer 7) attacks to the increasing use of application programming interfaces (APIs) within financial services. This expansion of digital infrastructure has introduced new vulnerabilities and a broader attack surface for malicious actors.
FS-ISAC's Chief Intelligence Officer and Managing Director, EMEA, Teresa Walsh, commented on the changing character of DDoS threats: "DDoS attacks are becoming increasingly sophisticated, evolving from simple network flooding to targeted, multi-dimensional assaults that exploit intricate vulnerabilities across the entire supply chain. As threat tactics continue to evolve — including those impacting APAC's increasingly digital financial systems — we must ensure our technical defenses evolve and our people, tools, and processes work seamlessly together. It is critical that we harden our infrastructure and foster a culture of continuous vigilance and collaboration to protect continuity and customer trust."
Reuben Koh, Director of Security Technology & Strategy, APJ at Akamai, highlighted the changing nature of DDoS campaigns in the region: "DDoS attacks in APAC are no longer blunt-force attempts, but sophisticated multi-vector campaigns that exploit vulnerable systems and exposed APIs. As highly coveted target sectors like financial services, commerce, and manufacturing accelerate digital growth, these continuous attacks pose growing operational and reputational risks, and organizations must work with trusted cybersecurity partners who can provide the intelligence, scalability, and agility needed to defend themselves in today's threat landscape."
The joint report also connects the increase in attacks to broader developments, including ongoing geopolitical tensions such as the Israel-Hamas and Russia-Ukraine conflicts. These events have led to a noted rise in ideologically driven hacktivism and blurred the lines between DDoS-for-Hire groups, hacktivists, and state-sponsored actors. The proliferation of DDoS-for-Hire platforms has made these attack tools accessible to a wider range of threat actors.
Globally, the financial sector remained the most targeted industry segment for Layer 3 and 4 DDoS attacks, making up 37% of incidents. This marks the second consecutive year that financial services have led in reported attack numbers, followed by gaming at 20% and manufacturing at 17%. No other sector experienced a similar surge, according to the report's findings.
The publication discusses strategies for improving defences through the FS-ISAC and Akamai-developed DDoS Maturity Model. This framework provides a benchmark for readiness and recommends targeted investment in defence strategies for organisations managing financial infrastructure and sensitive data.
The DDoS Maturity Model highlights several key actions for financial institutions and related entities: Adopt real-time behavioural analytics and traffic baselining
Implement threat intelligence-led automation for detection and mitigation
Strengthen DNS and API security with continuous testing and hardening
Use geo-IP filtering to reduce exposure from high-risk regions
The report also contains regional data, profiles of hacktivist groups, and an overview of mitigation strategies and best cyber hygiene practices. It notes the importance of mapping organisational capabilities and practices against different stages of maturity in DDoS defence, offering a structured approach to managing a rising strategic threat.
Akamai's collaboration with FS-ISAC on this research builds on the company's involvement in FS-ISAC's Critical Providers Program, which was launched to strengthen supply chain security within the financial sector.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

RNZ News

11 hours ago

• RNZ News

Christopher Luxon concludes China trip: 'No evidence' of collaboration with Russia, Iran and North Korea

Photo: Supplied / Dan Brunskill Christopher Luxon has wrapped up his trip to China, dismissing suggestions the superpower is working with Russia, Iran and North Korea to undermine the West - as alleged by NATO's top official. The prime minister says he also stressed to China's leaders that engagement in the Pacific must advance the region's interests, but refused to say whether the recent Cook Islands crisis was raised by either side. Speaking late Friday at New Zealand's embassy in Beijing, Luxon said he was leaving "very, very convinced" the bilateral relationship was in "a really strong place and in good heart". The comments followed a day of top-level meetings at the Great Hall of the People, capping a three-day visit to China, Luxon's first as prime minister. The prime minister and his officials now fly on to Belgium and then to the Netherlands, where he will attend the annual NATO summit. Photo: Supplied / Dan Brunskill Asked about NATO secretary-general Mark Rutte's recent warning that China is working together with Russia, Iran and North Korea, Luxon noted the "Dutch directness" - but indicated a "difference of opinion". "We haven't seen evidence of those four powers coordinating in a way, actively against the West," Luxon said. "We've seen bilateral associations, say, between Russia and North Korea, with respect to the war in Ukraine. We've seen bilateral arrangements between Iran and Russia as well, but we haven't seen evidence of a wholesale force." The rest of the delegation was now returning to New Zealand on the air force 757. Photo: Supplied / Dan Brunskill The talks came a day after revelations New Zealand suspended nearly $20 million in funding to the Cook Islands , after its agreements with China earlier this year. Luxon repeatedly refused to say whether that issue, or any other, was discussed behind closed doors. "We need to respect that they are private diplomatic conversations that need to be respected in the privacy of the sanctum." A media statement issued at the end of the trip said Luxon had raised "the need for engagement in the Pacific to take place in a manner which advances Pacific priorities". Pressed to clarify, Luxon said the concern had been well-canvassed: "Making sure that… all major powers that aren't part of the Pacific family… respect the centrality of the Pacific Island Forum." While none of China's leaders directly mentioned the Cook Islands crisis, Chinese Foreign Ministry spokesperson Guo Jiakun earlier said China's cooperation with the Pacific nation "should not be disrupted or restrained by any third party". Cook Islands Prime Minister Mark Brown on Friday labelled the funding pause "patronising" and pointed out he had not been consulted on any agreements New Zealand entered with China this trip . Luxon denied any double standard, but said he had "nothing more to add" on the subject. "I'm not going to get into it. I've spoken ad nauseam about the Cooks and the challenge." The prime minister's statement also said he raised "rising tensions in the Indo-Pacific" including the South China Sea and the Taiwan Strait. Photo: Supplied / Dan Brunskill Before speaking to reporters, the prime minister took part in an official welcome ceremony at the Great Hall and then a sit-down with his counterpart, Premier Li Qiang. In opening remarks, Li spoke of global turbulence and the need for "mutually beneficial cooperation". He said he had been "deeply impressed" by Luxon's friendship and hospitality during his 2024 visit to Wellington. In response, Luxon said the international challenges made ongoing dialogue more important "even where we differ". The meeting ended with the signing of 11 agreements, promising cooperation in areas including customs, food safety, and tourism. Luxon - and the wider business delegation - then stayed on for a banquet dinner at the Great Hall. Earlier on Friday, Xi said the bilateral relationship had experienced "many ups and downs" but remained respectful and at the forefront of China's Western ties. Luxon meanwhile described the bilateral relationship as "long-standing" and of "great consequence" to New Zealand. "The world looks to China as a major global power to play a constructive role in addressing many of the challenges that are facing us all," he said. Speaking to RNZ before departure, Luxon said he had established "good rapport" with both leaders during their previous meetings. The prime minister last met Xi in November at the APEC summit in Peru . At the time, Luxon characterised their conversation as "warm, positive and constructive" but noted clear differences over the AUKUS defence pact and missile testing in the Pacific. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.

RNZ News

2 days ago

• RNZ News

Christopher Luxon concludes China trip: 'No evidence' of collaboration with Russia, Iran or North Korea

Photo: Supplied / Dan Brunskill Christopher Luxon has wrapped up his trip to China, dismissing suggestions the superpower is working with Russia, Iran or North Korea to undermine the West - as alleged by NATO's top official. The prime minister says he also stressed to China's leaders that engagement in the Pacific must advance the region's interests, but refused to say whether the recent Cook Islands crisis was raised by either side. Speaking late Friday at New Zealand's embassy in Beijing, Luxon said he was leaving "very, very convinced" the bilateral relationship was in "a really strong place and in good heart". The comments followed a day of top-level meetings at the Great Hall of the People, capping a three-day visit to China, Luxon's first as prime minister. The prime minister and his officials now fly on to Belgium and then to the Netherlands, where he will attend the annual NATO summit. Photo: Supplied / Dan Brunskill Asked about NATO secretary-general Mark Rutte's recent warning that China is working together with Russia, Iran and North Korea, Luxon noted the "Dutch directness" - but indicated a "difference of opinion". "We haven't seen evidence of those four powers coordinating in a way, actively against the West," Luxon said. "We've seen bilateral associations, say, between Russia and North Korea, with respect to the war in Ukraine. We've seen bilateral arrangements between Iran and Russia as well, but we haven't seen evidence of a wholesale force." The rest of the delegation was now returning to New Zealand on the air force 757. Photo: Supplied / Dan Brunskill The talks came a day after revelations New Zealand suspended nearly $20 million in funding to the Cook Islands , after its agreements with China earlier this year. Luxon repeatedly refused to say whether that issue, or any other, was discussed behind closed doors. "We need to respect that they are private diplomatic conversations that need to be respected in the privacy of the sanctum." A media statement issued at the end of the trip said Luxon had raised "the need for engagement in the Pacific to take place in a manner which advances Pacific priorities". Pressed to clarify, Luxon said the concern had been well-canvassed: "Making sure that… all major powers that aren't part of the Pacific family… respect the centrality of the Pacific Island Forum." While none of China's leaders directly mentioned the Cook Islands crisis, Chinese Foreign Ministry spokesperson Guo Jiakun earlier said China's cooperation with the Pacific nation "should not be disrupted or restrained by any third party". Cook Islands Prime Minister Mark Brown on Friday labelled the funding pause "patronising" and pointed out he had not been consulted on any agreements New Zealand entered with China this trip . Luxon denied any double standard, but said he had "nothing more to add" on the subject. "I'm not going to get into it. I've spoken ad nauseam about the Cooks and the challenge." The prime minister's statement also said he raised "rising tensions in the Indo-Pacific" including the South China Sea and the Taiwan Strait. Photo: Supplied / Dan Brunskill Before speaking to reporters, the prime minister took part in an official welcome ceremony at the Great Hall and then a sit-down with his counterpart, Premier Li Qiang. In opening remarks, Li spoke of global turbulence and the need for "mutually beneficial cooperation". He said he had been "deeply impressed" by Luxon's friendship and hospitality during his 2024 visit to Wellington. In response, Luxon said the international challenges made ongoing dialogue more important "even where we differ". The meeting ended with the signing of 11 agreements, promising cooperation in areas including customs, food safety, and tourism. Luxon - and the wider business delegation - then stayed on for a banquet dinner at the Great Hall. Earlier on Friday, Xi said the bilateral relationship had experienced "many ups and downs" but remained respectful and at the forefront of China's Western ties. Luxon meanwhile described the bilateral relationship as "long-standing" and of "great consequence" to New Zealand. "The world looks to China as a major global power to play a constructive role in addressing many of the challenges that are facing us all," he said. Speaking to RNZ before departure, Luxon said he had established "good rapport" with both leaders during their previous meetings. The prime minister last met Xi in November at the APEC summit in Peru . At the time, Luxon characterised their conversation as "warm, positive and constructive" but noted clear differences over the AUKUS defence pact and missile testing in the Pacific. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.

Techday NZ

2 days ago

• Techday NZ

Exclusive: Logistics firms face rising OT cyber threats amid global tensions

Cyber attackers are increasingly targeting logistics and supply chain networks, aiming to destabilise nations and gain strategic leverage without ever crossing a border. According to Leon Poggioli, ANZ Regional Director at Claroty, the recent cyber espionage affecting logistics firms supporting Ukraine is not an isolated trend but part of a broader pattern. "There's two key reasons nation states do this," he explained during a recent interview with TechDay. "One is to disrupt the other nation's defences, and the other is to put political pressure on the general public by interfering with their supply chains." These attacks frequently target operational technology (OT) systems - the core infrastructure behind physical processes in logistics, energy, manufacturing and healthcare. Poggioli said attackers exploit connectivity in these environments to carry out sabotage remotely. "A lot of these environments have some kind of external connectivity, so that gives an attacker an ability to remotely trigger a cyber attack and disrupt those supply chains." In some cases, tactics have extended to disrupting weapons infrastructure, such as drones. "When one nation uses drones, the other will defend itself by trying to jam signals and disrupt that infrastructure," he explained. Compared to IT systems, OT vulnerabilities can be far more complex and risky to remediate. Poggioli noted that in OT, even small changes can impact safety and operations. "In the IT world, it's easy to push patches out," he said. "In OT, even a minor change can disrupt operations, so remediation needs to be more targeted." Claroty's platform is built to help organisations quickly cut through large volumes of vulnerability data to find what really matters. "A site may have 1,000 vulnerabilities, but we can whittle that down to the five that make the most impact," he said. "That becomes a manageable number that a cyber leader and OT asset manager can act on within weeks." Recent data from Claroty's global survey of cybersecurity professionals reinforces the growing financial and operational risks posed by cyber attacks on cyber-physical systems (CPS). Nearly half of respondents (45%) reported financial impacts of $500,000 USD or more from such attacks in the past year, with over a quarter suffering losses of at least $1 million. These costs were largely driven by lost revenue, recovery expenses, and employee overtime. "It's a growing concern across multiple sectors, particularly in chemical manufacturing, energy, and mining – more than half of organisations in those sectors reported losses over half a million dollars," Poggioli said. Ransomware remains a major burden, especially in sectors like healthcare where 78% of organisations reported paying over $500,000 to regain access to encrypted systems. "These are real costs, not theoretical risks," he added. "And they're rising." Operational downtime is also widespread. Nearly half of global respondents experienced more than 12 hours of downtime following an attack, with one-third suffering outages lasting a full day or more. "When operations halt, the financial and reputational damage mounts quickly," Poggioli said. He added that one of the most pressing vulnerabilities is the level of remote access in these environments. "We're seeing around 45% of CPS assets connected to the internet," he said. "Most of that is done through VPNs that were never built for OT security." Third-party access is another growing concern, with 82% of respondents saying at least one cyber attack in the past year came through a supplier. Nearly half said five or more attacks stemmed from third-party connections, yet 63% admit they don't fully understand how these third parties are connected to their CPS environment. Poggioli pointed to this as a critical blind spot. "Legacy access methods and poor visibility are allowing attackers in through the back door," he said. Even more concerning is the risk from insiders. "You want to be able to trust your team, but someone with inside knowledge can do more damage than an external attacker," Poggioli said. "Even air-gapped environments need constant monitoring." A cyber attack on Denmark's power grid in 2023 served as a wake-up call. "One operator didn't even know they had the vulnerable firewall in their system," he said. "That's why visibility is so important. You can't secure what you don't know exists." While preparedness across the logistics sector varies, Poggioli believes the industry is slowly recognising the strategic value of cybersecurity. "It's going to become a point of competitive advantage," he said. "Customers are going to start asking serious questions about cyber security and supply chain integrity." He drew a sharp distinction between cyber criminals and state-backed actors. "Cyber criminals want fast financial gain, but nation states are more focused on political objectives," he said. "They have better resources and longer timelines. That changes the game." Poggioli warned that just because no incident has occurred doesn't mean attackers aren't already embedded in critical networks. "There's growing evidence of adversaries nesting in these systems," he said. "My hypothesis is they're preparing for future conflict. If war breaks out, they're already in position to strike." For logistics firms looking to strengthen their defences, Poggioli said the first step is basic visibility. "Most people I speak to admit they don't know 100% what's out there or how it's connected," he said. "Start with an asset inventory. Once you have that, you can start risk modelling and reduce exposure." There are signs that resilience strategies are making a difference. According to the Claroty report, 56% of professionals now feel more confident in their CPS systems' ability to withstand cyber attacks than they did a year ago, and 72% expect measurable improvements in the next 12 months. Still, Poggioli said complacency is not an option. "If you don't know how big the problem is, you won't know how to solve it," he said. "Once you understand the risks, you can act to protect your operations and show the business the value of cyber security."