--- title: "APAC Financial Sector Faces Surge in Cyberattacks" type: "News" locale: "en" url: "https://longbridge.com/en/news/287471726.md" description: "Financial institutions in the Asia Pacific are experiencing a surge in cyberattacks, with the region accounting for 52% of global Layer 7 DDoS attacks in 2025. The Akamai report highlights security challenges due to rapid digital banking growth and API vulnerabilities. Banks faced 44% of these attacks, while fintechs accounted for 38%. Experts recommend shifting cybersecurity strategies to enhance operational resilience and improve API monitoring to mitigate risks." datetime: "2026-05-24T22:17:22.000Z" locales: - [zh-CN](https://longbridge.com/zh-CN/news/287471726.md) - [en](https://longbridge.com/en/news/287471726.md) - [zh-HK](https://longbridge.com/zh-HK/news/287471726.md) --- # APAC Financial Sector Faces Surge in Cyberattacks **Financial institutions across the Asia Pacific region are facing an escalating wave of cyberattacks as rapid growth in digital banking, real-time payments and API-driven services expands the industry’s online attack surface.** According to a new State of the Internet Security report from Akamai Technologies, Asia Pacific accounted for 52% of all global Layer 7 distributed denial-of-service (DDoS) attacks targeting financial services in 2025, making it the world’s most targeted region for application-layer attacks for the fourth consecutive year. The report, titled «AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services», highlights mounting security pressures on banks, fintech firms and payment providers as digital financial ecosystems continue to scale across the region. **Designed to Overwhelm Systems** Layer 7 DDoS attacks are designed to overwhelm online banking portals, payment APIs and customer-facing applications using traffic that closely resembles legitimate user behavior, making them significantly harder to detect than traditional network attacks. Within APAC, banking institutions accounted for 44% of Layer 7 DDoS incidents, while fintech companies represented 38% of attacks. Banking organizations were also the primary target for lower-level network attacks, accounting for 92% of such incidents in the region. Security experts say the challenge is being compounded by the rapid rollout of new digital services. Mobile banking platforms, national real-time payment systems and fintech integrations are increasing the number of endpoints organizations must secure, while AI-assisted software development is accelerating deployment timelines. At the same time, many institutions still lack full visibility into their API environments. The report found that while 77% of financial services IT and security leaders in APAC believe they have a complete understanding of their API estate, only 27% know which APIs expose sensitive data. Globally, 96% of financial services organizations reported at least one API security incident in the past year, the highest rate among all industries surveyed. Akamai also observed a 147% increase in advanced bot activity during late 2025, driven by AI-powered botnets capable of mimicking browser behavior and bypassing conventional security defenses. **More and More Targets** «APAC’s banks and fintechs sit at the center of one of the world’s fastest-moving digital financial environments,» said **Reuben Koh**, Director of Security Technology and Strategy for Asia Pacific and Japan at Akamai. «Every new payment service, mobile banking feature, fintech integration and AI-enabled workflow creates another dependency for attackers to probe,» Koh said. «If an institution does not know which APIs exist, which ones expose sensitive data, or how they are supposed to behave, it is already operating with an elevated level of risk.» The report said financial institutions need to shift cybersecurity from a compliance-driven exercise to a broader operational resilience strategy. Recommended measures include strengthening defenses against application-layer attacks, improving API monitoring capabilities and adopting AI-powered security tools capable of responding to threats in real time. The study also found that organizations using microsegmentation — a security approach that isolates critical applications to limit attacker movement within networks — were able to respond to incidents 33% faster than those without such protections. Now in its 12th year, Akamai’s State of the Internet Security research draws on cyber threat intelligence gathered across the company’s global internet infrastructure, which processes a substantial share of worldwide web traffic. ### Related Stocks - [AKAM.US](https://longbridge.com/en/quote/AKAM.US.md) ## Related News & Research - [07:59 ET0x Cross-Chain API is Generally Available: One Integration for Cross-Chain Swaps, Payments, and RWAs](https://longbridge.com/en/news/288716418.md) - [XBTFX Releases Trading API Built for the Next Generation of Traders and Developers](https://longbridge.com/en/news/289043361.md) - [How Is Fortinet's Stock Performance Compared to Other Cybersecurity Stocks?](https://longbridge.com/en/news/289063456.md) - [Noveris Health Sciences Provides Corporate Update](https://longbridge.com/en/news/288902460.md) - [CISO role changes as cyber-risk appetites in the C-suite grow](https://longbridge.com/en/news/289106199.md)