Study finds spike in cyberattacks targeting financial services

Cyberattacks targeting financial service web applications and application programming interfaces, or APIs, grew by 354% in North America over the past year, according to new research by cloud services company Akamai. The company found a rise in cyberattacks targeting financial services worldwide, with the Asia-Pacific and North American regions experiencing the most notable increases. The rise was driven primarily by cyberattacks that trick web applications into exposing sensitive information (local file inclusion attacks) or inject malicious code into websites to steal data (cross-site scripting attacks).

As for the reasons for the increase, the report said the importance of web applications and APIs in financial services “continues to invite attackers to look for vulnerabilities and ways of attacking organizations. First, security is a tough challenge when building them. Vulnerabilities residing in these web applications could lead to [remote code execution]and breaches. Second, web applications have the ability to capture and store confidential customer information.” Still, the report noted that 80% of cyberattacks against the financial services sector target customers, with phishing remaining the most popular tool to gain access to account information.