From May 2019 and continuing on until the end of the year, there was a dramatic shift by criminals who started targeting APIs, in an effort to bypass security controls. According to data from Akamai’s ‘2020 State of the Internet / Security: Financial Services – Hostile Takeover Attempts’ report, up to 75% of all credential abuse attacks against the financial services industry targeted APIs directly.
“Criminals are getting more creative and hyper-focused on how they go about obtaining access to the things they need to conduct their crimes,” said Steve Ragan, Akamai security researcher and principal author of the State of the Internet / Security report. “Criminals targeting the financial services industry pay close attention to the defenses used by these organizations, and adjust their attack patterns accordingly.”
Indicative of this fluid attack dynamic, the report shows that criminals continue to seek to expose data through a number of methods, in order to gain a stronger foothold on the server and ultimately achieve success in their attempts.
SQL Injection (SQLi) accounted for more than 72% of all attacks when looking at all verticals during the 24-month period observed by Akamai’s security research report. That rate is halved to 36% when looking at financial services attacks alone. The top attack type against the financial services sector was Local File Inclusion (LFI), with 47% of observed traffic.
The report also shows that criminals continue to leverage Distributed Denial of Service (DDoS) attacks as a core component of their attack arsenal, particularly as it relates to targeting financial services organizations. Akamai’s observations from November 2017 until October 2019, show the financial services industry ranking third in attack volume, with gaming and high tech being the most common targets. However, more than forty percent of the unique DDoS targets were in the financial services industry, which makes this sector the top target when considering unique victims.
“Security teams need to constantly consider policies, procedures, workflows, and business needs – all while fighting off attackers that are often well organized and well-funded,” added Mr. Ragan. “Our data shows that financial services organizations are constantly improving by adopting fluid security postures, forcing criminals to change their tactics.”
The Akamai 2020 State of the Internet / Security Report is available here.