Free Trial
|
Login
Free Trial
Login
Platform
Platform
I want to
report
WHITEPAPER Picus Red Report 2025
white paper
DATASHEET Security Validation Platform
Use Cases
Use Cases
Frameworks
Group
WHITEPAPER Building a Robust Defense-in-Depth Strategy with Breach and Attack Simulation (BAS)
Paper Icons
E-BOOK An Introduction to Exposure Validation
Research
RESEARCH
LEARNING
whitepaper
Whitepaper Modernize Your SOC with Breach and Attack Simulation
report (1)
REPORT Blue Report: Effective Threat Exposure Management
Resources
RESOURCES
LEARNING
Group
WHITEPAPER Double Your Threat Blocking in 90 Days
Paper Icons
E-BOOK An Introduction to Exposure Validation
Company
COMPANY
PARTNERS
webinar
REGISTER NOW: Assessing Your Zero Trust Program with "Assume Breach" Mindset
Data sheet
DATASHEET The Pioneer of Breach & Attack Simulation
GET A DEMO
Picus Labs | 3 MIN READ

LAST UPDATED ON JANUARY 17, 2024

DDoS attacks on financial sector surge during war in Ukraine, new FCA data reveals

London, UK, 14 September 2022Picus Security, the pioneer of Breach and Attack Simulation (BAS) technology, today released cyber incident data obtained from the UK’s Financial Conduct Authority (FCA). Through a Freedom of Information (FOI) request, Picus can reveal a steep rise in Distributed Denial-of-Service (DDoS) attacks reported to the regulator. 25% of cyber incidents submitted to the FCA in the first half of 2022 involved DDoS, compared to 4% in 2021. 

Picus believes the primary reason for the significant increase in DDoS attacks is UK finance firms being targeted by nation-state attackers and hacktivists during the ongoing Russia-Ukraine conflict. DDoS attacks, including sophisticated ‘carpet-bombing’, are often used against providers of critical infrastructure to disrupt operations and deny access to vital services.

The observed rise in DDoS attacks also coincides with a reported increase in DDoS for hire websites and ransomware operators using DDoS as a tactic to pressure and extort money from targets.

Other key findings of Picus Security’s FOI, which also considers 2021 data obtained from the FCA, include: 

  • The FCA received 55 reports of ‘material’ cyber incidents in the first half of 2022, down 25% from 73 in H1 2021.
  • 64% of reported material cyber incidents in H1 2022 were due to cyber-attacks.
  • The number of cyber incidents in H1 2022 involving malware and phishing decreased 75% and 50% respectively, compared to the same period in 2021.
  • Cyber incidents involving ransomware decreased 63% in H1 2022 compared to the number reported in H1 2021.* 

Read Picus Security’s blog for more in-depth insights.

“DDoS attacks are a concern for financial institutions, with their ability to disrupt operations and even bring them down entirely,” said Dr. Suleyman Ozarslan, Picus Security Co-Founder and VP of Picus Labs. “UK financial institutions are in the crossfire of the ongoing war between Russia and Ukraine and have become a direct target for nation-state attackers and hacktivists seeking to disrupt Ukraine’s allies.

“While it’s encouraging that financial firms reported fewer cyber incidents in the first half of 2022 than they did during the equivalent period in 2021 there is no time for complacency. As threats evolve, financial institutions must continue to proactively harden their defenses. This includes validating that security controls and processes provide protection against the latest risks.” 

Notes for editors – Methodology 

The UK’s Financial Conduct Authority (FCA) regulates the activity of more than 50,000 financial services firms. If any of these businesses suffer a material cyber incident, they must notify the FCA immediately. According to the FCA, a material incident is defined as a cyber incident that:

  • Results in significant loss of data, or the availability or control of its IT system
  • Impacts a large number of victims
  • Results in unauthorised access to, or malicious software present on, its information and communication systems

In July 2022, Picus Security issued a Freedom of Information (FOI) request to the FCA to understand the degree to which cybercrime had impacted the UK finance sector in the first half of 2022 (Jan 1st-30th June)

* Note: In H1 2021, the FCA received an unusually high number of ransomware reports, including a large spike in March 2021. The 2022 data could be considered a return to ‘normal’, being more on par with the figures reported in the second half of 2021.

About Picus Security

Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Control Validation Platform is trusted by leading organizations worldwide to continuously validate the effectiveness of security controls against cyber-attacks and supply actionable mitigation insights to optimize them.

Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners.

The company is dedicated to helping security professionals become more threat-centric and via its Purple Academy offers free online training to share the latest offensive and defensive cybersecurity strategies.

For more information, visit www.picussecurity.com

Table of Contents

Retail Under Fire: Inside the DragonForce Ransomware Attacks on Industry Giants
Emerging Threat Retail Under Fire: Inside the DragonForce Ransomware Attacks on Industry Giants
Learn More
CVE-2025-31324: SAP NetWeaver Remote Code Execution Vulnerability Explained
Emerging Threat CVE-2025-31324: SAP NetWeaver Remote Code Execution Vulnerability Explained
Learn More
cve-2025-32433-erlang
Emerging Threat CVE-2025-32433: Erlang/OTP SSH Remote Code Execution Vulnerability Explained
Learn More
CVE-2025-22457: Ivanti Remote Code Execution Vulnerability Explained
Emerging Threat CVE-2025-22457: Ivanti Remote Code Execution Vulnerability Explained
Learn More
IngressNightmare: Ingress NGINX Remote Code Execution Vulnerability Explained
Emerging Threat IngressNightmare: Ingress NGINX Remote Code Execution Vulnerability Explained
Learn More
CVE-2025-29927: Next.js Middleware Bypass Vulnerability Explained
Emerging Threat CVE-2025-29927: Next.js Middleware Bypass Vulnerability Explained
Learn More
Medusa Ransomware Analysis, Simulation, and Mitigation - CISA Alert AA25-071A
Emerging Threat Medusa Ransomware Analysis, Simulation, and Mitigation - CISA Alert AA25-071A
Learn More
Ghost (Cring) Ransomware Analysis, Simulation, and Mitigation - CISA Alert AA25-050A
Emerging Threat Ghost (Cring) Ransomware Analysis, Simulation, and Mitigation - CISA Alert AA25-050A
Learn More
Microsoft Active Directory Domain Services CVE-2025-21293 Vulnerability Explained
Emerging Threat Microsoft Active Directory Domain Services CVE-2025-21293 Vulnerability Explained
Learn More