Akamai: Financial Services Face a Surge in DDoS Threats

Despite all the positives of digital transformation that the financial services are benefitting from, one of the most challenging, critical and important setbacks is the attack surface for cybercriminals it creates.

And this attack surface is only growing.

Akamai’s AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services State of the Internet (SOTI) Security report paints this picture: that the sector is now the primary target for increasingly sophisticated and sustained distributed denial-of-service (DDoS) attacks.

A growing threat landscape

Akamai’s research highlights a dramatic escalation in both the scale and complexity of attacks targeting banks, payment providers and financial platforms. 

Driven by AI-powered botnets and coordinated hacktivist campaigns, DDoS have grown from short-lived disruptions to prolonged, strategic assaults.

The report finds that the median duration of Layers 3 and 4 DDoS attacks against financial services has surged by 738% since 2024. 

This shift, the report suggests, shows a move from opportunistic attacks to persistent campaigns designed to overwhelm infrastructure and erode customer trust.

“Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime and financial services are in the crosshairs," says Steve Winterfeld, Advisory CISO of Akamai. 

“In addition, the data shows that APIs are increasingly targeted as AI doesn't reduce traditional security risks, it puts them on steroids. 

“Fortunately, financial services organisations can leverage the security strategies and best practices detailed in this report."

Are APIs the new battleground?

As financial institutions embrace open banking, real-time payments and API-driven ecosystems, Akamai finds that attackers are following closely behind. 

The report’s findings show that APIs are now among the most exploited entry points.

Akamai’s 2026 API Security Impact Study says that 96% of financial services leaders reported at least one API security incident in the past year – the highest rate across any industry. 

In parallel, 83% of API-related incursions in 2025 targeted banking institutions specifically.

This growing vulnerability further emphasises a critical challenge for financial institutions: the fact that innovation is outpacing security maturity in a heavily-regulated industry.

AI and botnets amplify risk

Akamai’s report also shines a light on the rapid evolution of automated threats.

Advanced bot activity surged by 147% in late 2025, with one case study revealing that 96% of all site traffic consisted of malicious scraping bots.

These AI-enabled botnets are capable of mimicking legitimate user behaviour, making detection more difficult and mitigation more resource-intensive. 

For financial institutions operating high-volume digital services, this creates both operational strain and heightened exposure to fraud and data breaches.

At the same time, geopolitical tensions are shaping the threat landscape. 

Akamai’s report shows that pro-Iran hacktivist groups have emerged as a notable force, utilising DDoS campaigns to target financial infrastructure in coordinated waves.

The regional patterns behind attacks

Akamai’s global visibility provides insight into how attack strategies vary across regions.

These regional dynamics showcase the need for tailored cybersecurity strategies, particularly for multinational financial institutions managing diverse threat environments.

The need to bridge the security gap

Despite the rising threat level, Akamai’s report finds that the adoption of advanced cybersecurity measures is still inconsistent. 

Nearly 80% of financial institutions have experienced ransomware attacks in the past two years but fewer than half have implemented advanced security technologies.

As well as highlighting the gaps financial institutions are facing, Akamai itself is also critical partner in closing this gap. 

Because a significant share of the world’s web traffic goes through its global infrastructure, Akamai is able to provide real-time threat intelligence and mitigation capabilities across cloud, application and network layers.

And, as attacks are bigger, longer and more coordinated than ever, Akamai’s intelligence and defensive capabilities are becoming central to safeguarding the future of finance.