Floating Button
The Edge Singapore
Home Digitaledge News
Premium
News

APJ's financial services remains most attacked industry: Akamai

Nurdianah Md Nur
Nurdianah Md Nur • 3 min read
APJ's financial services remains most attacked industry: Akamai
The sector experienced 3.7 billion web application and API attacks from Q2 2022 to Q2 2023. Photo: Pexels
Font Resizer
Share to Whatsapp
Share to Facebook
Share to LinkedIn
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.
“yang” éfact "yang"

The financial services sector in Asia Pacific and Japan (APJ) continues to be one of the most attacked industries in the world. It saw a 36% increase in web application and API (application programming interface) attacks from Q2 2022 to Q2 2023, amounting to over 3.7 billion attacks.

The High Stakes of Innovation: Attack Trends in Financial Services report by Akamai also reveals that Local File Inclusion (LFI) remains the top attack vector, and that 92% of attacks against APJ’s finance sector were targeted at banks. LFI attacks exploit insecure coding practices or actual vulnerabilities on a web server to execute code remotely or gain access to sensitive information stored locally. Older web servers based on PHP (Hypertext Preprocessor), for example, are more vulnerable to LFI attacks due to existing methods of bypassing its input filters.

Besides that, financial institutions should be concerned about malicious bots. APJ is the second-most targeted region for malicious bot requests against financial services, accounting for 39.7% of all malicious bot requests worldwide.

Use cases include website scraping to impersonate the websites of financial services brands for phishing scams, and credential stuffing via automated injections of stolen usernames and passwords for account takeovers. This highlights that threat actors are constantly evolving their techniques and have started to focus their attacks on financial service consumers to get the most return on investment.

The report also found that financial services organisations in APJ are using more third-party scripts as they develop more channels and better customer experiences. This can make it challenging for them to address new reporting obligations, such as meeting the requirements of the upcoming Payment Card Industry Data Security Standard (PCI DSS) v4.0 where there will be specific sections relating to client-side script visibility and management.

“Financial institutions are increasingly turning to third-party scripts to quickly add new offerings, features, and interactive experiences for customers. However, businesses usually have limited visibility into the authenticity and potential vulnerabilities of these scripts, introducing yet another layer of risk to the business. Due to this limited visibility of risky third-party scripts, threat actors now have yet another vector to launch attacks against banks and their customers,” warns Reuben Koh, Akamai’s security technology and strategy director for APJ.

See also: SAL launches ‘Mindful Business Movement’ to combat legal burnout

He continues: “Financial institutions must focus on securing new digital offerings, continuously educating customers on cyber hygiene best practices, and investing in frictionless security measures for users. As regulators enforce policies to strengthen cybersecurity standards, it is also important for financial services organisations to understand and account for new compliance requirements while strengthening their security posture and cyber resilience against modern cyber threats.”

TAGS
cybersecurity
cyberattacks
banking and finance
Akamai

Highlights

Trending Now
CapitaLand Development sells 94.5% of LyndenWoods on launch day amid strong demand at an average of $2,450 psf
Great Eastern Holdings update: OCBC, the Wongs and SGX are winners
SGX gives approval-in-principle to FHT to delist
PSC Corp’s Sam Goi makes mandatory conditional cash offer of 40 cents for shares in the company
OCBC group CEO Helen Wong to retire end-2025; successor Tan Teck Long appointed deputy CEO

Related News

Over a third of Singapore professionals are upskilling on Coursera
Tech

Over a third of Singapore professionals are upskilling on Coursera

July 09, 2025
Half of Singapore companies pay ransom in cyberattacks: Sophos
Cybersecurity

Half of Singapore companies pay ransom in cyberattacks: Sophos

June 25, 2025
Here's why Asia must reinforce payment security as trade tensions rise
Cybersecurity

Here's why Asia must reinforce payment security as trade tensions rise

June 20, 2025
Get the latest news updates in your mailbox
Never miss out on important financial news and get daily updates today
×
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
Subscribe to The Edge Singapore
Get credible investing ideas from our in-depth stock analysis, interviews with key executives, corporate movements coverage and their impact on the market.
Topics
Broker's CallsCompany in the newsResults
Banking & financeInsider movesAll flash categories
Products & Services
NewsNewsletterVideosOptions
Edge InvestAdvertisingT&CsSitemap
About Us
Our CompanyContact UsEditorial TeamJoin Us
Advertise with usFAQsPrivacy PolicyMalaysiaEvents
© 2025 The Edge Publishing Pte Ltd. All rights reserved.