Attacks on EMEA Financial Services Double in a Year

Cyber-attacks on European financial services firms more than doubled between Q2 2022 and Q2 2023, surging 119% in the period, according to new data from Akamai.

The security vendor’s latest State of the Internet report detailed threats to the sector globally, drawing on data from the firm’s network of 340,000 servers distributed across over 130 countries.

It revealed that financial services organizations in the EMEA region suffered around one billion web application and API attacks during the period, with insurance the most attacked sub-sector, accounting for 55% of all web attacks. Akamai suggested this is due to the large volumes of personally identifiable information (PII) that insurance companies hold.

However, despite these findings, financial services was still only the third-most targeted sector in EMEA during the 12-month period.

When it came to DDoS attacks, EMEA financial services firms comprised the majority (63.5%) of attacks detected, compared with the vertical worldwide, between January 2022 and June 2023. It recorded a 40% increase in DDoS events between Q2 2022 and Q2 2023.

Read more on DDoS: Cloudflare Stops Largest HTTPS DDoS Attack on Record

“The number of attacks against this region was nearly double the number of the next top region. We surmise this is due to the attacker groups’ financial and political motivations against European banks. Additionally, this shows how easily adversaries can quickly switch their attention,” the report noted.

UK organizations led the way with a 29% share of DDoS attack events in the period, followed by Germany (15%).

EMEA seems to be a magnet for DDoS activity even outside the financial sector, with Akamai noting that gambling, commerce and manufacturing verticals in the region each exceeded all other regions combined in terms of number of attacks.

“As cyber-criminals continue to follow the money, financial services remains a hugely attractive target. At the same [time], this is one of the most regulated sectors and hence it is essential for companies to align their security strategy with emerging laws and regulations,” warned Richard Meeus, Akamai’s director of security technology and strategy, EMEA.