Contrast Security Releases Modern Heist Bank Report 2025, Revealing Critical Concern Over Zero-Day Attacks

Report finds APIs, cloud environments, and applications are the attack vectors of choice

PLEASANTON, Calif. -- Contrast Security, the runtime security leader, today released Modern Heist Bank Report 2025, revealing that the financial sector faced a surge in attacks, with 64% of respondents reporting cybersecurity incidents in the past 12 months. Contrast Security’s annual report sheds light on the cybersecurity threats facing the financial sector, providing an eye-opening perspective on the changing behavior of cybercriminals and defensive shifts in today’s environment.

“Our research found that the financial sector is facing increasing threats with a noticeable uptick in zero-day and destructive attacks,” said Tom Kellermann, Cybersecurity Advisor for Contrast Security. “We also uncovered that not only are APIs, cloud environments, and applications the attack vectors of choice, but also, today’s motive has changed. Cybercriminals are no longer going after data. Instead, they’re island hopping, or hijacking an organization’s digital transformation and using that infrastructure to launch attacks against a company’s customers and partners. As tactics and motives evolve, financial institutions need to rethink how they are protecting themselves. Continuous monitoring of the application layer for behavioral anomalies is imperative, and to do that, organizations must implement application defense and response (ADR) to block attacks in production and catch vulnerabilities in apps and APIs.”

Contrast Security researchers found that 71% of respondents reported zero-day attacks as the key concern to safeguarding applications and APIs, followed by dwell time (43%) and lack of visibility into the application layer (38%). The overwhelming concern with zero-day attacks aligns with key industry research and trends showing a significant increase in zero days being exploited year over year. The rise in zero days is largely due to heavy spending from nation states. China and Russia are increasing their efforts to discover and create zero days to infiltrate Western critical infrastructures.

Financial institutions are further challenged by legacy technology, with 82% overrelying on web application firewalls (WAF) and 61% saying they considered their WAFs to be effective. However, reliance on WAFs alone is inadequate against zero-day exploits and modern application attacks. In light of all this, it’s no surprise that zero days were the top application-related security concern. In fact, fewer than 25% said they were confident that their current security controls could mitigate such an attack.

The report’s key findings include:

  • Two-thirds of financial institutions have experienced a cyber incident in the last 12 months
  • Respondents reported a 12.5% increase in destructive cyber attacks, which are launched punitively to destroy data and burn the evidence as part of a counter-incident response
  • Over two-thirds experienced attacks focused on stealing non-public market information, with cybercriminals using it for insider trading, digital front running, and shorting stock before they dox the stolen, confidential data to the regulators
  • Over 71% said zero-day attacks were the biggest issue they faced in regard to safeguarding their applications and APIs
  • Over half experienced a supply chain attack
  • Top two attack vectors were APIs and cloud environments, followed by applications
  • 60% said their investments in XDR did not provide visibility into behavioral anomalies at the application layer

Offense must inform defense, and as zero days and API attacks surge, financial institutions need to implement ADR solutions purpose-built to provide ground truth at the application layer. ADR is the only real-time and always-on application and API security solution that prevents exploits in production and insecure programming during development. As a result, organizations are enabled to block attacks and easily scale to protect the entire software portfolio, including applications, APIs, and third-party applications.

To download the full report, visit https://www.contrastsecurity.com/modern-bank-heists-report-2025-adr.

Methodology

Participants interviewed for this study consisted of 35 CISOs, SVPs of Cybersecurity and Managing Directors of Information Security in financial institutions.

About Contrast Security

Contrast Security is the world’s leader in Runtime Application Security, embedding code analysis and attack prevention directly into software. Contrast’s patented security instrumentation disrupts traditional AppSec approaches with integrated and comprehensive security observability that delivers highly accurate assessment and continuous protection of an entire application portfolio. The Contrast Runtime Security Platform enables powerful Application Security Testing and Application Detection and Response, allowing developers, AppSec teams, and SecOps teams to better protect and defend their applications against the ever-evolving threat landscape. Application Security programs need to modernize. Contrast empowers teams to innovate — with confidence. Learn more: https://www.contrastsecurity.com/.

Contacts

Media Contact:
Jake Milstein
Contrast Security
pr@contrastsecurity.com
