Asia Pacific tops financial cyberattack target list

Akamai has reported that Asia Pacific was the most targeted region for financial cyberattacks in 2025, accounting for 52% of global application-layer DDoS attacks against financial services.

The findings point to sustained pressure on banks and fintech groups as digital banking, real-time payments and API-based services expand across the region. Asia Pacific was the most targeted region for these attacks for a fourth straight year.

Within the region, banking represented 44% of Layer 7 distributed denial-of-service attacks, while fintech accounted for 38%. At the lower network layer, banking accounted for 92% of attacks in the Asia Pacific, underscoring the sector's prominence as a target.

Layer 7 attacks target the application layer used by online banking portals, payment interfaces and customer-facing services. Because the traffic can resemble normal user behaviour, these attacks can be harder to identify than larger-volume network floods.

The report also highlighted pressure points around APIs, now central to digital finance as institutions connect mobile apps, payment systems and third-party services. Many organisations still lack a clear view of which APIs they run and what data those interfaces expose.

According to research, 77% of financial services IT and security leaders in Asia-Pacific believe they have a complete picture of their API estate. Yet only 27% know which APIs return sensitive data.

That gap sits within a broader pattern of incidents across the industry. Akamai found that 96% of financial services organisations worldwide experienced at least one API security incident in the past 12 months, the highest rate of any industry.

Bot activity also increased sharply, with a 147% rise in advanced bot activity in the latter part of 2025. AI-driven botnets have become more adept at mimicking browser behaviour and evading standard defences.

Expanding exposure

The trend reflects how financial institutions are adding services at speed while in some cases still relying on older core systems. Mobile banking features, instant payment links, fintech integrations and AI-assisted software development have all increased the number of systems and connections that need to be secured.

This is creating a wider attack surface at a time when online financial services are expected to remain continuously available. Disruption to payment systems, customer portals or transaction processing can quickly affect consumers, merchants and counterparties.

Akamai said organisations using microsegmentation, which isolates critical applications to limit attackers' movement inside a network, responded to incidents 33% faster. It presented this as evidence that containment measures can improve incident response in a sector where downtime can carry financial and regulatory costs.

Reuben Koh, Director of Security Technology and Strategy, APJ, at Akamai, said the region's financial sector faced a combination of rapid digital expansion and longstanding technical complexity.

"APAC's banks and fintechs sit at the centre of one of the world's fastest-moving digital financial environments. Every new payment service, mobile banking feature, fintech integration and AI-enabled workflow creates another dependency for attackers to probe," Koh said.

He added that older systems remained part of the problem for many institutions as they introduced new digital services.

"Many banks are also securing new digital services on top of legacy systems that may be difficult to patch or integrate securely. If an institution does not know which APIs exist, which ones expose sensitive data, or how they are supposed to behave, it is already operating with an elevated level of risk," he said.

The figures add to evidence that financial cyber risk is shifting away from isolated perimeter threats towards the abuse of legitimate-looking application traffic, automated bot activity and weak visibility across interconnected services. For banks and fintech firms in the Asia Pacific, that means defending not only websites and networks but also the growing web of APIs and software links that support modern finance.