Pro-Iran hacktivism and AI bots are amplifying cyberattacks targeting online banking, payments, and applications
CAMBRIDGE, Mass., May 20, 2026 (GLOBE NEWSWIRE) — Cybercriminals are now targeting financial services more than any other industry for web and API (Layers 3 and 4) distributed denial-of-service (DDoS) attacks, Akamai (NASDAQ: AKAM) reveals in its AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services State of the Internet (SOTI) Security report. The findings highlight a dangerous shift as pro-Iran hacktivists and AI-driven bots weaponize DDoS tactics to disrupt online banking, payment systems, and critical applications.
Driven by AI-powered infrastructure, the median duration of global Layers 3 and 4 DDoS attacks targeting the financial services sector is up 738% since 2024. This shows that while digital transformation has enabled advances such as online banking and real-time payments, it has also widened the doors for attackers.
Key findings of the report include:
- Among the financial service leaders surveyed for the 2026 API Security Impact Study, 96% reported at least one API security incident over the past 12 months, the highest among all industries.
- In 2025, 60% of total web attacks and 83% of incursions against API endpoints targeted banking.
- Nearly 80% of financial institutions have faced ransomware attacks in the past two years, yet less than half have adopted advanced security technologies.
- Advanced bot activity surged by 147% in late 2025 — and, in one case study, a staggering 96% of all site traffic was identified as malicious scraping bots.
- Cyberattack methods against financial services vary significantly by region: EMEA is the primary target for Layers 3 and 4 DDoS (62%), APAC is the most targeted by Layer 7 DDoS (52%), and in North America, web attacks are the most prevalent (44%).
“Cybercriminals and hacktivists continue to escalate DDoS from nuisance attacks to a sustained siege encompassing both hacktivism and cybercrime, and financial services are in the crosshairs,” said Steve Winterfeld, Advisory CISO of Akamai. “In addition, the data shows that APIs are increasingly targeted as AI doesn’t reduce traditional security risks, it puts them on steroids. Fortunately, financial services organizations can leverage the security strategies and best practices detailed in this report.”
AI-Empowered Botnets and API Visibility Gaps: Attack Trends in Financial Services also includes: data-supported trends on criminal activity, a guest column by the CISO of FS-ISAC, a security spotlight on MITRE capabilities, a cloud spotlight on the differences among AI architectures, and practical DNS and DDoS attack mitigation strategies.
Now in their 12th year, Akamai’s SOTI Security reports continue to offer critical insights on cybersecurity trends and web performance, drawn from attacks viewed across Akamai’s cybersecurity protective infrastructure, which handles a significant portion of global web traffic.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contacts
Akamai Media Relations
[email protected]
Akamai Investor Relations
[email protected]
