THE EFFECTS OF CYBER-ATTACKS ON BANKS BUSINESS ICT SYSTEMS: THE CASE OF BANKS IN ETHIOPIA

Abstract

This study examines the effect of cyber-attacks on Ethiopian banks’ ICT systems and explores the fundamental mechanisms for protecting against these attacks. In this, an explanatory research design within the framework of a mixed-method research approach, combining qualitative and quantitative methods, was employed to frame the research and gather comprehensive data. Both primary and secondary data are used in the study. A Census strategy is followed to gather data from banks’ headquarters found in the country. Quantitative and qualitative methods of data analysis are used to give meaning to the raw data. The findings of the study indicate that malware, DDOS, and fishing attacks are the most commonly observed cyber-attacks on banks’ ICT systems. Most importantly, all of the explanatory variables (Compromise of confidentiality, integrity, and availability) significantly affect the bank’s ICT systems negatively. In general, the study provided valuable understanding into common types of cyber-attacks faced by Ethiopian banks, cybersecurity measures implemented, effect on ICT systems, vulnerability management, detection and response capabilities, and collaboration efforts with stakeholders. As a recommendation, the findings highlight the need for proactive cybersecurity strategies, multi-layered security controls, regular vulnerability assessments, and incident response planning.