Cybersecurity threats in the financial sector: Analyzing attack types, Vulnerabilities, and response mechanisms across geopolitical contexts (2015–2024)

The digital transformation of the financial sector between 2015 and 2024 has brought efficiency and innovation, but it has also increased exposure to a wide range of cybersecurity threats. This study investigates the rise and evolution of major cyberattack types targeting financial institutions, including phishing, ransomware, man-in-the-middle attacks, and distributed denial-of-service (DDoS) attacks. Using a structured dataset of real-world incidents across multiple countries, the research applies supervised machine learning techniques like Random Forest and XGBoost to classify attack types and uncover their underlying drivers. Phishing emerged as the most frequent threat, with social engineering, weak passwords, and zero-day exploits identified as major contributors to successful breaches.

The XGBoost model outperformed Random Forest, achieving 80.9% accuracy and a weighted F1-score of 80.98%. Feature importance analysis revealed that financial loss, number of affected users, and incident resolution time were key predictors. The study also highlights how countries with high digital connectivity, but weaker regulations, face more frequent attacks, underlining the geopolitical nature of cyber risks.

Ultimately, this paper demonstrates the value of ensemble learning models in predictive cybersecurity and stresses the importance of layered defenses, employee awareness, and international collaboration. Its insights support the development of proactive strategies to strengthen cyber resilience across the global financial sector.