The financial sector has apparently become a core target for cybercriminals in 2023, with firms in the EMEA (Europe, the Middle East and Africa) region hit particularly hard.
This makes it the third most attacked vector across EMEA, with roughly a billion attacks on web apps and APIs related to the industry. Insurance is the most affected sub-vertical, accounting for over half of all web attacks, which marks a 68% increase year-on-year.
Akamai observes that Insurance firms are a prime target since they often hold masses of personally identifiable information (PII) related to their customers, which allows threat actors to conduct identity theft.
EMEA also experienced the most DDoS attacks by a wide margin, accounting for 63.5% of such attacks worldwide. This is nearly double the amount suffered by North America (32.6%), which came in second.
The UK was the most hit country in EMEA, with 29.2% of DDoS attacks, beating Germany which had 15.1%. Again, when comparing the second quarters of last year and this year, DDoS attacks on financial services have risen by 40% in EMEA.
Akamai believes that the war in Ukraine has its part to play in these attacks, as attackers politically aligned with Russia will attack European banks if they are deemed to be supporting Ukraine, citing this as the main reason for the increase in EMEA attacks.
DDoS attacks on gambling, commerce, and manufacturing firms were also higher in the EMEA than in all other regions combined.
Richard Meeus, Akamai’s Director of Security Technology and Strategy, EMEA, commented that, “as cybercriminals continue to follow the money, financial services remains a hugely attractive target. At the same, this is one of the most regulated sectors and hence it is essential for companies to align their security strategy with emerging laws and regulations.”