Editor's Pick

UK’s financial sector faces new wave of brute force DDoS attacks

The UK’s financial sector is experiencing a wave of brute force Distributed Denial of Service (DDoS) attacks, new data obtained through a freedom of information request shows.

Hackers are increasingly using brute force tactics to launch cyberattacks against the UK’s financial sector, as they pivot away from using phishing and malware scams, the Financial Conduct Authority (FCA) data obtained by cybersecurity firm Picus Security shows.

DDoS attacks accounted for 25 per cent of all hacking incidents reported to the FCA in the first half of 2022, compared to just four per cent in 2021.

The surge in the number of DDoS attacks comes as the number of malware and ransomware attacks has dropped sharply over the same period of time.

The number of cyberattacks involving ransomware dropped 63 per cent in the first half of 2022, as the number of phishing scams fell by half (50 per cent).

The sharp rise in DDoS attacks comes as hackers are increasingly using the brute force attacks, over more complex phishing scams, to extort money from victims.

Industry sources noted major companies are often willing to pay ransoms to restore access to services, if the ransom payments are less than the cost of losing any business.

Cybersecurity experts said the increase also comes as state-backed hackers and hacktivists have pivoted their activities in favour of the war effort, following Russia’s invasion of Ukraine.

The pivot has seen hackers focus their efforts on targeting critical infrastructure, including the UK’s finance sector, via so-called “carpet-bombing” attacks instead of simply extorting money from victims.

“UK financial institutions are in the crossfire of the ongoing war between Russia and Ukraine and have become a direct target for nation-state attackers and hacktivists seeking to disrupt Ukraine’s allies,” Suleyman Ozarslan, co-founder of Picus Security said.

An FCA spokesperson said: “Cyber-attacks continue to pose a threat to all financial services firms. Firms should be aware of the threat, able to defend themselves effectively, and respond proportionately to cyber events.”

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

Your daily news source covering investing ideas, market stocks, business, retirement tips from Wall St. to Silicon Valley.


TheProficientInvestor.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice.
The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2021 TheProficientInvestor. All Rights Reserved.

To Top