In the first quarter of 2024, the FinTech sector experienced a substantial surge in application layer DDoS attacks, as detailed in a recent report by Qrator Labs, a leading provider of cyber attack mitigation services.
These attacks, specifically targeting the uppermost layer of the OSI model where websites operate, accounted for half of all recorded cyber incidents. In simpler terms, malicious actors inundate a specific platform with overwhelming requests, effectively disabling its functionality.
This surge represents a significant shift from the last quarter of 2023 when the FinTech sector accounted for 37.58 per cent of all such attacks. Victor Zyamzin, Chief Business Officer at Qrator Labs, attributes this rising trend to the rapid evolution and growing prominence of the FinTech industry. Over the past decade, FinTech has emerged as a formidable financial service force driven by notable technological advancements and the pervasive spread of the Internet.
Zyamzin emphasised that the FinTech sector in the UAE is particularly susceptible to these malicious activities. As a sector in its infancy, it is growing accelerated, making it an attractive target for cybercriminals. According to recent estimates, the UAE’s FinTech market is projected to expand from $3.16 billion in 2024 to $5.71 billion by 2029, reflecting a compound annual growth rate (CAGR) of 12.56 per cent.
This growth is driven by consumers’ increasing appetite for sophisticated financial services, supportive regulatory frameworks from the Emirates, and a favourable investment climate. Data from S&P Global indicates that UAE-based FinTech firms raised $128.4 million in 2023.
Within the broader FinTech landscape, specific microsegments such as banks, payment systems, and insurance companies have been particularly targeted. The Qrator Labs report reveals that banks were the primary targets in the first quarter of 2024, accounting for 29.91 per cent of all application layer DDoS attacks. This marks a significant increase from the last quarter of 2023 when banks accounted for 14.85 per cent of these attacks.
Payment systems were also notably affected, albeit with a slight decrease from 14.28 per cent in the previous quarter to 9.8 per cent. Insurance companies accounted for 8.71 per cent of the attacks.
The report underscores the severe threat posed by cyberattacks to business operations. As of 2023, 77 per cent of companies in the Asia-Pacific region, including the UAE, lacked adequate tools to detect cyberattacks. Simultaneously, nearly 90 per cent of firms in the region reported a shortage of cybersecurity specialists, highlighting a significant vulnerability in their defence mechanisms.
Zyamzin warns that the repercussions of such cyberattacks can be devastating, leading to substantial financial losses for businesses and their customers. The IMF’s Global Financial Stability Report corroborates this, indicating that nearly one-fifth of reported cyber incidents over the past two decades have impacted the global financial sector, resulting in direct losses totalling $12 billion for financial firms.
Despite the daunting challenges, numerous strategies can be implemented by businesses to mitigate cybersecurity risks. Companies are encouraged to adopt predictive algorithms capable of preventing DDoS attacks. Additionally, utilising robust security services and tools to test existing cybersecurity software can help identify and address vulnerabilities. By staying vigilant and proactive, firms can better protect themselves against the ever-evolving threat landscape.
In conclusion, the first quarter of 2024 has highlighted the escalating threat of application layer DDoS attacks on the FinTech sector. As the industry grows and innovates, it becomes an increasingly attractive target for cybercriminals. It is imperative for companies, especially those in burgeoning markets like the UAE, to bolster their cybersecurity measures to safeguard their operations and maintain consumer trust.
