Contrast Security released Modern Heist Bank Report 2025,
revealing that the financial sector faced a surge in attacks, with 64%
of respondents reporting cybersecurity incidents in the past 12 months.
Contrast Security's annual report sheds light on the cybersecurity
threats facing the financial sector, providing an eye-opening
perspective on the changing behavior of cybercriminals and defensive
shifts in today's environment.
"Our research found that the financial sector is facing increasing
threats with a noticeable uptick in zero-day and destructive attacks,"
said Tom Kellermann, Cybersecurity Advisor for Contrast Security. "We
also uncovered that not only are APIs, cloud environments, and
applications the attack vectors of choice, but also, today's motive has
changed. Cybercriminals are no longer going after data. Instead, they're
island hopping, or hijacking an organization's digital transformation
and using that infrastructure to launch attacks against a company's
customers and partners. As tactics and motives evolve, financial
institutions need to rethink how they are protecting themselves.
Continuous monitoring of the application layer for behavioral anomalies
is imperative, and to do that, organizations must implement application
defense and response (ADR) to block attacks in production and catch
vulnerabilities in apps and APIs."
Contrast Security researchers found that 71% of respondents reported
zero-day attacks as the key concern to safeguarding applications and
APIs, followed by dwell time (43%) and lack of visibility into the
application layer (38%). The overwhelming concern with zero-day attacks
aligns with key industry research and trends showing significant
increase in zero days being exploited year-over-year. The rise in zero
days is largely due to heavy spending from nation states. China and
Russia are increasing their efforts to discover and create zero days to
infiltrate Western critical infrastructures.
Financial institutions are further challenged by legacy technology, with
82% overrelying on web application firewalls (WAF) and 61% saying they
considered their WAFs to be effective. However, reliance on WAFs alone
is inadequate against zero-day exploits and modern application attacks.
In light of all this, it's no surprise that zero days were the top
application-related security concern. In fact, fewer than 25% said they
were confident that their current security controls could mitigate such
an attack.
The report's key findings include:
-
Two-thirds of financial institutions have experienced a cyber incident in the last 12 months
-
Respondents reported a 12.5% increase in destructive cyber attacks,
which are launched punitively to destroy data and burn the evidence as
part of a counter-incident response
-
Over two-thirds experienced attacks focused on stealing non-public
market information, with cybercriminals using it for insider trading,
digital front running, and shorting stock before they dox the stolen,
confidential data to the regulators
-
Over 71% said zero-day attacks were the biggest issue they faced in regard to safeguarding their applications and APIs
-
Over half experienced a supply chain attack
-
Top two attack vectors were APIs and cloud environments, followed by applications
-
60% said their investments in XDR did not provide visibility into behavioral anomalies at the application layer
Offense must inform defense, and as zero days and API attacks surge,
financial institutions need to implement ADR solutions purpose-built to
provide ground truth at the application layer. ADR is the only real-time
and always-on application and API security solution that prevents
exploits in production and insecure programming during development. As a
result, organizations are enabled to block attacks and easily scale to
protect the entire software portfolio, including applications, APIs, and
third-party applications.
To download the full report, visit https://www.contrastsecurity.com/modern-bank-heists-report-2025-adr.