In the cybersecurity world, it's always good vs. evil and like in a movie, we're waiting to find out who will win the constant battle. These days, it seems the criminals are always just one step, or more, ahead of the defenders. The 2022 version of Akamai's “Financial Services State of the Internet (SOTI) report,” does not paint a happy picture for the “good guys.” Especially in terms of the attackers’ increasing exploitation of zero-day vulnerabilities, Botnet activity, and increasingly effective phishing attacks, particularly related to the financial services (FinServ) industry. The statistics in the report make for sobering reading.

FinServ showed a 3.5 times surge in web application and API attacks in 2022 when compared to activity in 2021. That growth is the highest affecting any major industry. The trend is not only extremely worrying for the organizations that are under increasing attack, but also for their clients. An estimated 80% of attacks are now focused on the clients of the industry, rather than the FinServ organizations themselves. Attacks such as account takeover attacks are either directly targeting clients’ personal data or using increasingly sophisticated web scraping techniques. These involve the creation of mirror images of legitimate FinServ websites that then employ tried and tested phishing techniques to gather client data.

Unfortunately, the bad news from Akamai keeps coming in this comprehensive report. Botnet activity aimed at FinServ organizations has increased by 81% when compared to 2021, and DDoS attacks increased by 22%. Botnets are now playing an ever-increasing role in account takeover attempts - with bad actors employing them for credential stuffing.

Sophisticated API attacks are also on the increase and cybersecurity teams are under enormous pressure due to the lightning-quick exploitation of zero-day vulnerabilities where multiple thousands of attacks occur per hour and provide the cybersecurity teams with very little breathing space to react and patch vulnerabilities.

What organizations can do, is prepare. Provide perimeter security internally as well as comprehensive and ongoing cybersecurity awareness training for all employees. Extend training to customers and members so they can get the benefit of knowing the latest threats to their security. There are many organizations that can help with this. Get recommendations, do some research, and figure out what works for you.

Remember not to stop at a one-and-done strategy. Continue the awareness throughout the year and you can limit the cybersecurity risk to your organization and to the members and customers that use your services.

Given this current state of affairs and the upward trend in attacks aimed at FinServ companies and consumers, both parties can expect 2023 to offer more of the same.  The good news is that knowledge really is power.