| Abstract: | This study examines the effect of cyber-attacks on Ethiopian banks’ ICT systems and explores the
fundamental mechanisms for protecting against these attacks. In this, an explanatory research
design within the framework of a mixed-method research approach, combining qualitative and
quantitative methods, was employed to frame the research and gather comprehensive data. Both
primary and secondary data are used in the study. A Census strategy is followed to gather data
from banks’ headquarters found in the country. Quantitative and qualitative methods of data
analysis are used to give meaning to the raw data. The findings of the study indicate that malware,
DDOS, and fishing attacks are the most commonly observed cyber-attacks on banks’ ICT systems.
Most importantly, all of the explanatory variables (Compromise of confidentiality, integrity, and
availability) significantly affect the bank’s ICT systems negatively. In general, the study provided
valuable understanding into common types of cyber-attacks faced by Ethiopian banks,
cybersecurity measures implemented, effect on ICT systems, vulnerability management, detection
and response capabilities, and collaboration efforts with stakeholders. As a recommendation, the
findings highlight the need for proactive cybersecurity strategies, multi-layered security controls,
regular vulnerability assessments, and incident response planning. |
