IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada
Akamai warns of surging DDoS attacks on financial firms
DDoS Ransomware Digital Transformation

Akamai warns of surging DDoS attacks on financial firms

Wed, 20th May 2026 (Today)
Sean Mitchell
SEAN MITCHELL Publisher

Akamai has published research on cyber threats facing financial services, pointing to a sharp rise in DDoS attacks and API-related incidents across key regions.

Financial services are now the most targeted industry for web, API and infrastructure-based distributed denial-of-service attacks, with EMEA emerging as the main focus for Layers 3 and 4 activity.

EMEA accounted for 62% of global Layers 3 and 4 DDoS attack events against the financial services industry in 2025, compared with 26% for North America and 12% for Asia-Pacific.

Attack duration in the region also increased sharply. Median Layers 3 and 4 DDoS attack duration in EMEA rose from three minutes in 2024 to 34 minutes in 2025, an increase of 1,033%.

Globally, the median duration of Layers 3 and 4 attacks targeting financial services rose 738% from 2024, while the maximum size of DDoS attacks increased 236% year on year. Akamai linked the shift to a mix of hacktivist activity and the growing digital footprint of banks and payment providers.

It said pro-Iran hacktivists and AI-driven bots were helping to drive the trend, using DDoS methods to disrupt online banking, payment systems and critical applications. Attack methods also varied by geography: APAC was the most targeted region for Layer 7 DDoS attacks at 52%, while web attacks were most prevalent in North America at 44%.

API pressure

The report also highlighted heavy pressure on application programming interfaces, which financial institutions use widely to connect apps, services and customer-facing systems. Among financial services leaders surveyed for the 2026 API Security Impact Study, 96% reported at least one API security incident in the past 12 months.

Banking accounted for 60% of total web attacks and 83% of incursions against API endpoints in 2025. Advanced bot activity also surged 147% in late 2025.

In one case study cited in the research, 96% of all site traffic was identified as malicious scraping bots. The findings suggest automated attack traffic is becoming a larger share of the threat landscape facing lenders, payment groups and other financial firms.

Ransomware remained a major concern. Nearly 80% of financial institutions had faced ransomware attacks in the past two years, yet less than half had adopted advanced security technologies.

The findings come as UK authorities warn that more advanced artificial intelligence systems could intensify cyber risks across the financial sector. The Bank of England, the Financial Conduct Authority and HM Treasury have all highlighted the potential for frontier AI models to increase the scale, speed and sophistication of attacks on financial institutions.

Escalating attacks

Akamai drew its conclusions from attack traffic observed across its cybersecurity network and from industry survey data. It has produced its State of the Internet security research series for 12 years.

The report described a broader shift in DDoS attacks affecting financial services, with incidents becoming longer and, in some cases, larger. That matters for banks and payment providers because sustained attacks can cause operational disruption even when they do not lead to data theft.

Financial institutions have rapidly expanded digital channels in recent years, adding more online banking services, mobile tools, real-time payment connections and third-party integrations. Each development can increase the number of internet-facing systems and APIs that need to be monitored and protected.

The findings also suggest older cyber risks have not faded as AI tools become more widely used. Instead, automation appears to be helping attackers scale familiar methods, including bot activity, scraping and denial-of-service campaigns.

"Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime, and financial services are in the crosshairs," said Steve Winterfeld, advisory CISO at Akamai.

"In addition, the data shows that APIs are increasingly targeted as AI doesn't reduce traditional security risks, it puts them on steroids. Fortunately, financial services organizations can leverage the security strategies and best practices detailed in this report," Winterfeld said.

Related stories
Web attacks in EMEA hit two-year high, Akamai warns
Check Point wins Frost & Sullivan recognition for WAF
Google report warns identity is weak link in cloud
Synack report says vulnerability testing gap widens
MySQL exposures & slow fixes plague firms, study finds
Top stories
Bill off the table: Yukon's repealed Clean Energy Act
KPMG forms global alliance with Anthropic for Claude
Dell says data is the differentiator in the age of agentic AI
IT teams wary as automation races ahead, SolarWinds says
Mediaocean names Iván Markman as Chief Operating Officer