The Financial Services Industry remains the most targeted vertical in the global threat landscape, facing sustained and evolving cyberattacks. Radware’s 2025 Financial Threat Analysis reveals a clear trend: attack frequency, volume, and complexity are all rising at unprecedented rates.
A Sector Under Pressure
In 2024 alone, financial institutions experienced a 27% year-over-year increase in cyberattacks, with an average of nearly 13,000 DDoS attacks per institution. These are not just random disruptions. They increasingly involve sophisticated, multi-vector campaigns designed to evade traditional defenses and maximize impact. More than one in four Web DDoS attacks exceeded 100,000 requests per second (RPS), often targeting online banking and transaction systems.
DNS Query Floods, a variant of Layer 7 denial-of-service, also surged with a global increase of more than 272%. Financial firms absorbed the highest share of these application-layer attacks. The volume and intensity of DNS-based threats make them harder to detect and stop, especially when combined with high-RPS web floods and bot-driven bursts.
Regional Breakdown
Attack patterns vary by region, but the pressure is consistent across the board:
- North America saw the average DDoS attack volume per financial institution rise by 17%. Some institutions faced over 300,000 attack events, with the largest peaking at 1.125 Tbps.
- EMEA institutions experienced a 293% increase in DNS flood activity and recorded a 177% jump in mitigated DDoS volume.
- APAC reported a dramatic 9,000% increase in attack volume per institution. The number of malicious packets also spiked by more than 4,000%.
- Latin America faced growing volumes as well, with peak attacks reaching over 225 Gbps.
Rise of Hacktivism and Coordination
Another trend reshaping the threat landscape is the rise in ideologically driven attacks. Hacktivists claimed responsibility for over 15,000 DDoS attacks on financial institutions in 2024, marking a 20% increase from the previous year. These campaigns are increasingly coordinated through platforms like Telegram, allowing attackers to share targets and tactics in real time and boost visibility through public claims.
A Shift in Tactics
Attackers are not only increasing frequency and volume. They are also deploying more complex tools and strategies. In 2024, the number of distinct vectors used in a single DDoS attack rose by nearly 40%, reaching up to 69 vectors per event. Threat actors are combining network-layer floods with application-layer methods such as DNS and HTTP, creating multi-dimensional assaults that are much harder to defend against.
What It Means for Financial Firms
The threat environment for financial services has changed fundamentally. Cyberattacks are now more persistent, more distributed, and more disruptive than before. From high-RPS Web DDoS and DNS floods to politically motivated attacks, the risks extend beyond downtime to include data loss, regulatory exposure, and long-term brand damage.
Financial institutions must prioritize adaptive, real-time defenses that can respond to multi-vector threats, detect application-level anomalies, and deliver deep visibility across the attack surface. The cost of inaction is real, growing, and visible in every region.
For more insights, review our latest financial services cyber threat infographics here.
To learn how Radware protects financial organizations against today’s most advanced threats, visit https://www.radware.com/solutions/financial/.