Akamai Threat Report: APAC Banks Top Global Targets for Financial Cyberattacks
According to Akamai's latest report, 52% of global Layer 7 DDoS attacks against financial services in 2025 occurred in the APAC region, marking the fourth consecutive year it has been the most targeted region. Rapid growth in digital banking and API integration has outpaced security measures, leading to critical gaps in API visibility and increased threats from AI-powered botnets.
📋 Article Processing Timeline
- 📰 Published: June 1, 2026 at 11:00
- 🔍 Collected: June 1, 2026 at 11:26 (26 min after Published)
- 🤖 AI Analyzed: June 1, 2026 at 18:43 (7h 16m after Collected)
Akamai (NASDAQ: AKAM) has released its latest threat report, 'AI-Powered Botnets and the API Visibility Gap: The State of Internet Security on Attack Trends in the Financial Services Industry.' As digital banking, real-time payments, and API-driven services surge among financial institutions in the Asia-Pacific (APAC) region, many organizations are struggling to keep pace with security measures, leading to an expanded attack surface and a rise in global cyberattacks. According to the report, APAC accounted for 52% of all Layer 7 DDoS attacks against financial services globally in 2025, making it the most targeted region for application-layer attacks for the fourth consecutive year. This highlights the urgent need for organizations to secure their expanding digital environments.
*This release is a translated summary of the press release announced in Singapore on May 22, 2026 (local time).
DDoS attacks are designed to overload online banking portals, payment APIs, and customer-facing applications with traffic disguised as legitimate access. Consequently, they are far more difficult to identify and block than traditional network flood DDoS attacks. In the APAC financial sector, banks and fintech companies have been hit hardest, accounting for 44% and 38% of Layer 7 DDoS attacks, respectively. Meanwhile, banks accounted for 92% of Layer 3/4 DDoS attacks in the region.
The problem lies not only in the volume of attacks but also in the complexity of the targeted environments. The proliferation of real-time payment systems, mobile banking platforms, fintech ecosystems, and various customer-facing services has increased the number of endpoints that banks and fintech companies must protect. Furthermore, competitive pressures and AI-powered coding tools are accelerating the speed at which new services are implemented.
However, many organizations do not have a complete grasp of the APIs they rely on. While 77% of IT and security leaders in the APAC financial services industry believe they have a full picture of their API assets, only 27% know which APIs return sensitive data. Globally, 96% of financial services organizations reported at least one API security incident in the past 12 months, the highest rate of any industry. With the difficulty of distinguishing malicious activity from legitimate traffic, this situation is widening critical blind spots. Akamai confirmed a 147% surge in sophisticated bot activity in late 2025. AI-powered botnets are improving their ability to mimic browser behavior and evade traditional defenses.
Reuben Koh, Director of Security Technology and Strategy for APAC at Akamai, stated, 'APAC banks and fintech companies are at the center of the world's fastest-changing digital financial environment. Every time a new payment service, mobile banking feature, fintech integration, or AI-powered workflow emerges, new dependencies are created that are targeted by attackers.' He added, 'Many banks are trying to secure new digital services on top of legacy systems that are difficult to patch or integrate securely. Institutions that do not know what APIs exist, which APIs are exposing sensitive data, and how they should behave are already at high risk.'
The lesson for financial institutions is clear: they must evolve security from merely meeting compliance requirements to making it a top priority for operational resilience. This includes strengthening defenses against application-layer DDoS, network floods, and API abuse; investing in API security tools that can identify sensitive data exposure and anomalous behavior; and implementing AI-powered defenses capable of responding at machine speed.
The report also reveals that organizations implementing micro-segmentation improved their incident response time by 33% by isolating critical applications and limiting the lateral movement of attackers who have breached the perimeter. This is a significant advantage in an environment where every minute of downtime can lead to reputational, regulatory, and financial losses.
Now in its 12th year, Akamai's 'State of the Internet - Security Report' features attack data observed on Akamai's cybersecurity protection infrastructure, which handles a significant portion of global web traffic.
Steve Winterfeld, Advisory CISO at Akamai and supervisor of this report, stated, 'Cybercriminals and hacktivists continue to expand DDoS from mere nuisance attacks to persistent siege attacks involving both hacktivism and cybercrime, and the financial services industry is a target. Furthermore, observational data reveals that AI is not reducing traditional security risks but rather amplifying them, leading to an increase in API targeting. We hope you will use the security strategies and best practices detailed for the financial services industry to help with your own security measures.'
Read the full report here.
About Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai's full-stack cloud computing solutions provide high performance and cost-efficiency on the world's most distributed platform. For more information, visit akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
*This release is a translated summary of the press release announced in Singapore on May 22, 2026 (local time).
DDoS attacks are designed to overload online banking portals, payment APIs, and customer-facing applications with traffic disguised as legitimate access. Consequently, they are far more difficult to identify and block than traditional network flood DDoS attacks. In the APAC financial sector, banks and fintech companies have been hit hardest, accounting for 44% and 38% of Layer 7 DDoS attacks, respectively. Meanwhile, banks accounted for 92% of Layer 3/4 DDoS attacks in the region.
The problem lies not only in the volume of attacks but also in the complexity of the targeted environments. The proliferation of real-time payment systems, mobile banking platforms, fintech ecosystems, and various customer-facing services has increased the number of endpoints that banks and fintech companies must protect. Furthermore, competitive pressures and AI-powered coding tools are accelerating the speed at which new services are implemented.
However, many organizations do not have a complete grasp of the APIs they rely on. While 77% of IT and security leaders in the APAC financial services industry believe they have a full picture of their API assets, only 27% know which APIs return sensitive data. Globally, 96% of financial services organizations reported at least one API security incident in the past 12 months, the highest rate of any industry. With the difficulty of distinguishing malicious activity from legitimate traffic, this situation is widening critical blind spots. Akamai confirmed a 147% surge in sophisticated bot activity in late 2025. AI-powered botnets are improving their ability to mimic browser behavior and evade traditional defenses.
Reuben Koh, Director of Security Technology and Strategy for APAC at Akamai, stated, 'APAC banks and fintech companies are at the center of the world's fastest-changing digital financial environment. Every time a new payment service, mobile banking feature, fintech integration, or AI-powered workflow emerges, new dependencies are created that are targeted by attackers.' He added, 'Many banks are trying to secure new digital services on top of legacy systems that are difficult to patch or integrate securely. Institutions that do not know what APIs exist, which APIs are exposing sensitive data, and how they should behave are already at high risk.'
The lesson for financial institutions is clear: they must evolve security from merely meeting compliance requirements to making it a top priority for operational resilience. This includes strengthening defenses against application-layer DDoS, network floods, and API abuse; investing in API security tools that can identify sensitive data exposure and anomalous behavior; and implementing AI-powered defenses capable of responding at machine speed.
The report also reveals that organizations implementing micro-segmentation improved their incident response time by 33% by isolating critical applications and limiting the lateral movement of attackers who have breached the perimeter. This is a significant advantage in an environment where every minute of downtime can lead to reputational, regulatory, and financial losses.
Now in its 12th year, Akamai's 'State of the Internet - Security Report' features attack data observed on Akamai's cybersecurity protection infrastructure, which handles a significant portion of global web traffic.
Steve Winterfeld, Advisory CISO at Akamai and supervisor of this report, stated, 'Cybercriminals and hacktivists continue to expand DDoS from mere nuisance attacks to persistent siege attacks involving both hacktivism and cybercrime, and the financial services industry is a target. Furthermore, observational data reveals that AI is not reducing traditional security risks but rather amplifying them, leading to an increase in API targeting. We hope you will use the security strategies and best practices detailed for the financial services industry to help with your own security measures.'
Read the full report here.
About Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai's full-stack cloud computing solutions provide high performance and cost-efficiency on the world's most distributed platform. For more information, visit akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
FAQ
What is the key takeaway for APAC financial institutions?
They must prioritize API security and AI-driven defense to protect against sophisticated botnets and DDoS attacks that exploit the region's rapid digital growth.