AI-Powered Botnets Drive Record DDoS and API Attacks Against Global Financial Sector, Akamai Reports
Akamai reports a surge in DDoS, API, and web attacks against global financial services firms in 2025, driven by AI-enabled botnets, hacktivists, and financially motivated cybercriminals.
A new report from Akamai reveals a dramatic escalation in cyberattacks targeting the global financial services sector throughout 2025, with AI-enabled botnets, geopolitical hacktivism, and financially motivated cybercriminals driving a massive rise in DDoS, API, and web application attacks. Banks bore the brunt of the onslaught, accounting for the majority of incidents as attackers leveraged artificial intelligence to automate and scale their operations at unprecedented speed.
The report highlights how AI is fundamentally changing the threat landscape. Attackers are now using machine learning models to dynamically adjust botnet behavior in real time, evade detection, and optimize the timing and volume of DDoS floods. These AI-driven botnets can autonomously probe for weaknesses, switch attack vectors mid-campaign, and even mimic legitimate user traffic to bypass rate-limiting defenses. Akamai observed a sharp increase in attacks that blend volumetric DDoS with targeted API abuse, suggesting a more coordinated and intelligent approach than traditional botnet campaigns.
Financial services firms have long been prime targets for cybercriminals, but the scale and sophistication of the 2025 wave mark a new chapter. The report notes that hacktivist groups, often aligned with geopolitical conflicts, have increasingly turned their sights on banks and payment processors, using DDoS attacks as a form of protest or disruption. Meanwhile, financially motivated actors are exploiting the sector's heavy reliance on APIs for mobile banking, payment processing, and third-party integrations, launching credential-stuffing and business logic abuse campaigns that can go undetected for weeks.
Akamai's data shows that the financial sector experienced a year-over-year increase in web application attacks of over 40%, with API-specific attacks growing even faster. The company attributes this to the proliferation of AI tools that lower the barrier to entry for attackers, allowing even low-skill threat actors to launch sophisticated campaigns. The report warns that traditional signature-based defenses are increasingly ineffective against AI-generated attack patterns that evolve faster than static rules can be updated.
In response, Akamai urges financial institutions to adopt AI-driven defensive measures, including behavioral analytics, anomaly detection, and automated mitigation workflows. The company also recommends that organizations prioritize API security, implement strict rate limiting, and conduct regular penetration testing focused on business logic flaws. The report emphasizes that the financial sector must treat AI-enabled attacks as a permanent shift rather than a temporary trend.
The findings align with broader industry warnings about the weaponization of AI in cyberattacks. Earlier this year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners issued a joint advisory on the growing use of AI by threat actors to enhance reconnaissance, phishing, and exploitation. Akamai's report serves as a concrete case study of those warnings playing out in one of the most critical sectors of the global economy.
As financial services firms continue their digital transformation, the attack surface will only expand. The Akamai report makes clear that the race between AI-powered offense and defense is accelerating, and that institutions which fail to modernize their security postures risk being overwhelmed by the next generation of automated, adaptive cyberattacks.