Examining Why Hackers Target Banking Systems: Lessons from The Experiences of Ghanaian Microfinance Institutions

Daniel Opoku, Christian Donkor, Edna Owusu-Bempah

doi:https://doi.org/10.59232/CYS-V3I1P102

Research Article | Open Access | Download Full Text

Volume 3 | Issue 1 | Year 2025 | Article Id: CYS-V3I1P102 DOI: https://doi.org/10.59232/CYS-V3I1P102

Examining Why Hackers Target Banking Systems: Lessons from The Experiences of Ghanaian Microfinance Institutions

Daniel Opoku, Christian Donkor, Edna Owusu-Bempah

Received	Revised	Accepted	Published
08 Jan 2025	07 Feb 2025	18 Mar 2025	31 Mar 2025

Citation

Daniel Opoku, Christian Donkor, Edna Owusu-Bempah. “Examining Why Hackers Target Banking Systems: Lessons from The Experiences of Ghanaian Microfinance Institutions.” DS Journal of Cyber Security, vol. 3, no. 1, pp. 24-33, 2025.

Abstract

This study examines the key factors that drive hackers to target banking systems, utilizing a cross-sectional survey approach with a sample size of 220 participants. A purposive sampling technique was used to select bank employees who handle sensitive data or for a position that involves direct contact with cyberattacks. The findings indicate that financial gain, the vulnerability of the institution’s security infrastructure, and socio-cultural factors are significant predictors of hackers’ intention to breach or hack bank systems. These insights underline the need for banks to increase their cybersecurity measures, to increase the understanding of socio-cultural factors that may influence the behaviour of hackers and to develop strategies for reducing the financial benefit of cybercrime. From understanding the motives of hacking activities, this research can be used to develop more effective cybersecurity frameworks. Notably, this study is among the first to explore the factors influencing cyberattacks on banks within a developing economy, specifically Ghana. The study concludes with a recommendation for banks to prioritize the modernization of their security systems to reduce the threat of cyberattacks effectively.

Keywords

Banking, Cyberattacks, Cybercrime, Financial gain, Hackers.

References

[1] Akorfa Ahiafor, “Strategies for Mitigating the Effects of Crisis in Microfinance Institutions in Ghana,” Dissertation Walden University, 2019.

[Google Scholar] [Publisher Link]

[2] Faisal Quader, and Vandana P. Janeja, “Insights into Organizational Security Readiness: Lessons Learned from Cyber-Attack Case Studies,” Journal of Cybersecurity and Privacy, vol. 1, no. 4, pp. 638-659, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[3] Olusola Enitan Olowofela et al., “Financial Inclusion and Growth of Small and Medium Sized Enterprises: Evidence from Nigeria,” Journal: Izvestiya. Journal of Varna University of Economics, no. 3-4, pp. 198-212, 2022.

[Google Scholar] [Publisher Link]

[4] Paul Asante Danqua, “Malware and Anti-Malware Baseline: an Inductive Study of Ghanaian Microfinance Companies,” Information Technologist, vol. 17, no. 1, 2020.

[Google Scholar] [Publisher Link]

[5] A.H. Asfoor, F.A. Rahim, and S. Yussof, “Identifying Factors that Influence Security Behaviours Relating to Phishing Attacks Susceptibility: A Systematic Literature Review,” Journal of Theoretical and Applied Information Technology, vol. 98, no. 15, 2020.

[Google Scholar] [Publisher Link]

[6] Arjun Sudhanva Naik, “Securing Banking Applications in the Cloud: Challenges and Strategies for Enhanced Security,” IEEE International Conference on Computer, Electronics, Electrical Engineering and their Applications, Srinagar Garhwal, Uttarakhand, India, pp. 1-6, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[7] Adedoyin Tolulope Oyewole et al., “Cybersecurity Risks in Online Banking: A Detailed Review and Preventive Strategies Application,” World Journal of Advanced Research and Reviews, vol. 21. no. 3, pp. 625-643, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[8] Oluwatoyin Funmilayo Ayodele, and Adesola Oluwatosin Adelaja, “Advancing Cybersecurity Governance: Adaptive Resilience and Strategic Third-Party Risk Management in Financial Services,” World Journal of Advanced Research and Reviews, vol. 24, no. 2, pp. 293-302, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[9] Sumeet Kumar, and Kathleen M. Carley, “Approaches to Understanding the Motivations Behind Cyber Attacks,” IEEE Conference on Intelligence and Security Informatics, Tucson, AZ, USA, pp. 307-309, 2016.

[CrossRef] [Google Scholar] [Publisher Link]

[10] Chen Han, and Rituja Dongre, “Q&A. What Motivates Cyber-Attackers?,” Technology Innovation Management Review, vol. 4, no. 10, pp. 40-42, 2014.

[Google Scholar] [Publisher Link]

[11] Ken Owen, and Milena Head, “Motivation and Demotivation of Hackers in Selecting a Hacking Task,” Journal of Computer Information Systems, vol. 63, no. 3, pp. 522-536, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[12] Abdul Qarib Stanikzai, and Munam Ali Shah, “Evaluation of Cyber Security Threats in Banking Systems,” IEEE Symposium Series on Computational Intelligence, Orlando, FL, USA, pp. 1-4, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[13] Iryna Dorosh, “Cyber Security and its Role in the Financial Sector: Threats and Protection Measures,”

“Economics. Finances. Law., no. 10, pp. 48-51, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[14] Yanal Kilani, “Cyber-Security Effect on Organizational Internal Process: Mediating Role of Technological Infrastructure,” Problems and Perspectives in Management, vol. 18, no. 1, pp. 449-460. 2020.

[CrossRef] [Google Scholar] [Publisher Link]

[15] Henry Collier et al., “Cultural Influences on Information Security,” European Conference on Cyber Warfare and Security, vol. 22, no. 1, pp. 143-150, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[16] Nur Firdaus, “The Relationship between Culture and Social Capital with the Sustainability of Microfinance,” International Research Journal of Business Studies, vol. 13, no. 2, pp. 113-126, 2020.

[CrossRef] [Google Scholar] [Publisher Link]

[17] Joseph Amankwah-Amoah et al., “COVID-19 and Digitalization: The Great Acceleration,” Journal of Business Research, vol. 136, pp. 602-611, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[18] H.A. Kruger et al., “An Assessment of the Role of Cultural Factors in Information Security Awareness,” IEEE Information Security for South Africa, Johannesburg, South Africa, pp. 1-7, 2011.

[CrossRef] [Google Scholar] [Publisher Link]

[19] Bishal Poudel, and Satish Kumar Karna, “What Influences a Hacker to be a Black Hat?,” Medicon Engineering Themes, vol. 6, no. 6, pp. 13-21, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[20] Nils Gilman, “Hacking Goes Pro,” Engineering and Technology, vol. 4, no. 3, pp. 26-29, 2009.

[CrossRef] [Google Scholar] [Publisher Link]

[21] Kunal et al., “Understanding Cyber-Attacks and their Impact on Global Financial Landscape,” IEEE International Conference on Circuit Power and Computing Technologies, Kollam, India, pp. 1452-1456, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[22] Clemens Scott Kruse et al., “Cybersecurity in Healthcare: A Systematic Review of Modern Threats and Trends,” Technology and Health Care, vol. 25, no. 1, pp. 1-10, 2017.

[CrossRef] [Google Scholar] [Publisher Link]

[23] Jingguo Wang, Manish Gupta, and H. Raghav Rao, ”Insider Threats in a Financial Institution: Analysis of Attack-Proneness of Information Systems Applications,” MIS Quarterly, vol. 39, no. 1, pp. 91-112, 2015.

[Google Scholar] [Publisher Link]

[24] Yorrick Creado, and Vidyavati Ramteke, “Active Cyber Defence Strategies and Techniques for Banks and Financial Institutions,” Journal of Financial Crime, vol. 27, no. 3, pp. 771-780, 2020.

[CrossRef] [Google Scholar] [Publisher Link]

[25] Suleman Ibrahim, “Causes of Socioeconomic Cybercrime in Nigeria,” IEEE International Conference on Cybercrime and Computer Forensic, Vancouver, BC, Canada, pp. 1-9, 2016.

[CrossRef] [Google Scholar] [Publisher Link]

[26] Joshua Oyeniyi Aransiola, and Suraj Olalekan Asindemade, “Understanding Cybercrime Perpetrators and the Strategies they Employ in Nigeria,” Cyberpsychology, Behavior, and Social Networking, vol. 14, no. 12, pp. 759-763, 2011.

[CrossRef] [Google Scholar] [Publisher Link]

[27] Prima Fithri et al., “Validation Studies a Questionnaire Developed to Measure Incubator Business Technology Performance using PLS-SEM Approach,” Andalusian International Journal of Applied Science, Engineering and Technology, vol. 4, no. 1, pp. 64-78, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[28] Mehmet Mehmetoglu , “CONDISC: Stata Module to Perform Convergent and Discriminant Validity Assessment in CFA,” EconPapers, 2015.

[Google Scholar] [Publisher Link]

[29] Kwame Owusu Kwateng, Christopher Amanor, and Francis Kamewor Tetteh, “Enterprise Risk Management and Information Technology Security in the Financial Sector,” Information and Computer Security, vol. 30, no. 3, pp. 422-451, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[30] Asyraf Afthanorhan, Puspa Liza Ghazali, and Norfadzilah Rashid, “Discriminant Validity: A Comparison of CBSEM and Consistent PLS Using Fornell and Larcker and HTMT Approaches,” Journal of Physics: Conference Series , vol. 1874, no. 1, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[31] Gregor Dorfleitner, Sebastian Utz, and Rongxin Zhang , “The Pricing of Green Bonds: External Reviews and the Shades of Green,” Review of Managerial Science, vol. 16, pp. 797–834, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[32] Shaon Kumar Das et al., “Compositional Heterogeneity of Different Biochar: Effect of Pyrolysis Temperature and Feedstocks,” Journal of Environmental Management, vol. 278, 2021.

[CrossRef] [Google Scholar] [Publisher Link]