The volume of web application and API attacks detected over the past 12 months surged by 3.5 times year-on-year in the financial services sector, the highest of any vertical, according to Akamai.
The cloud security vendor’s latest State of the Internet report, Enemy at the Gates, is based on analysis of global customer traffic during the period October 01 2021 to September 26 2022 .
The growth in threats targeting web apps and APIs is reflective of the increasing investment financial institutions are putting into digital services, as a result of open banking mandates like Europe’s PSD2, the report claimed.
While these technologies help to open banking services up to third party providers and create a more streamlined experience for customers, they also expand the corporate attack surface.
Overall, banking is the third-most attacked vertical when it comes to web apps and APIs, with 15% of the total accounted for by these threats.
“Security is a tough challenge when building them. Vulnerabilities residing in these web applications could lead to remote code execution (RCE) and breaches. Second, web applications have the ability to capture and store confidential customer information (i.e., login credentials),” the report explained.
“Once attackers launch web applications attacks successfully, they could steal confidential data, and in more severe cases, gain initial access to a network and obtain more credentials that could allow them to move laterally. Aside from the implications of a breach, stolen information could be peddled in the underground or used for other attacks. This is highly concerning given the troves of data, such as personal identifiable information and account details, held by the financial services vertical.”
Of the most common RCE attacks recorded, Local File Inclusion (LFI) and Cross Site Scripting (XSS) saw the biggest increase in detections during the period, the report noted.
Elsewhere, Akamai identified large year-on-year increases in bot activity (81%) and DDoS attacks (22%). There was also a surge in phishing attacks targeting customers, including techniques designed to bypass multi-factor authentication (MFA), such as phishing kits from prolific actor “Kr3pto.”
In fact, the report claimed that 80% of attacks targeting the sector are focused on customer accounts rather than the banks themselves.
“Attackers will always find ways to infiltrate your network or impact your customers,” warned Akamai advisory CISO, Steve Winterfeld.
“Understanding attack surfaces could provide insights into key risks and therefore allow organizations to devise security controls and mitigation plans to better protect customers.”