IGCSEComputer ScienceCIERevision Notes5. The internet and its uses5.3 Cyber SecurityCyber Security Threats

Cyber Security Threats (CIE IGCSE Computer Science)

Revision Note

Test Yourself
Becci Peters

Expertise

Computer Science

Cyber Security Threats

Cybersecurity threats pose a major challenge for individuals and organisations that rely on digital technology to store and transmit sensitive information. 

Brute-Force Attack 

  • A brute-force attack is a trial-and-error method used to crack passwords or encryption keys by trying every possible combination until the correct one is found
  • The aim of a brute-force attack is to gain unauthorised access to a system or network

Data Interception

  • Data interception involves eavesdropping on communication channels to intercept and steal sensitive information, such as passwords, credit card numbers, or personal data
  • The aim of data interception is to steal sensitive information for personal gain or to use it for further cyber attacks

Distributed Denial of Service (DDoS) Attack

  • A DDoS attack is where multiple computers are used as bots
  • They flood a server with lots of requests at the same time which the server can’t respond to; causing it to crash or become unavailable to users
  • The aim of a DDoS attack is to disrupt the normal functioning of a system or network by denying users access

Hacking

  • Hacking involves gaining unauthorised access to a system or network to steal or manipulate data, disrupt services, or cause damage
  • The aim of hacking can vary from personal gain to activism or cyber espionage

Malware

Malware is malicious software designed to harm or gain unauthorised access to a system or network. Types of malware include:

  • A virus is a piece of code that attaches itself to a legitimate program or file and then replicates itself to spread to other programs or files on the computer. It can cause damage to the system, including deleting data or damaging hardware
  • A worm is similar to a virus but is a standalone program that can spread and replicate itself over computer networks. It can take up storage space or bandwidth
  • A Trojan horse is a program that disguises itself as a legitimate program or file, but when installed, it can delete data or damage hardware
  • Spyware is software that records all key presses and transmits these to a third party
  • Adware is a type of software that displays unwanted advertisements on the computer without the user's consent. Some of these may contain spyware and some may link to viruses when clicked
  • Ransomware is a type of malware that encrypts the user's files and demands a ransom payment to decrypt them. It can cause data loss, and financial damage and disrupt business operations

The aim of malware attacks can range from data theft to extortion or disruption of services

Phishing

  • Phishing involves the user is sent an email which looks legitimate
  • This contains a link to a fake website where the user is encouraged to enter their details
  • The aim of phishing is to steal sensitive information for personal gain or to use it for further cyber attacks

Pharming

  • Pharming involves malware being downloaded without the user’s knowledge
  • This redirects the user to a fake website where they’re encouraged to enter their personal details
  • The aim of pharming is to steal sensitive information for personal gain or to use it for further cyber attacks

Exam Tip

  • A user needs to click on a link or an attachment to open the fake web page or trigger a download of malicious code, and not just open the email

Social Engineering

  • Social engineering involves manipulating individuals to gain access to confidential information or to perform an action that benefits the attacker
  • This can include techniques such as:
    • This involves posing as someone else to gain trust or access to sensitive information
    • Attackers might pretend to be a co-worker, IT support personnel, or a law enforcement officer to get people to divulge sensitive information or perform an action they wouldn't otherwise do
    • Baiting is a social engineering technique that involves enticing a victim with a desirable item or promise to extract sensitive information or gain access to a system
    • Attackers might leave a USB drive with a tempting label, like "salary information," in a public place and wait for someone to pick it up and plug it into a computer
    • Once the drive is connected to the computer, the attacker can access sensitive information or install malware
    • Pretexting involves creating a fake scenario to extract sensitive information
    • The attacker might pose as a bank representative and ask for personal information to "verify your account”
    • Impersonation
    • Baiting
    • Pretexting
  • The aim of social engineering is to exploit human behaviour and vulnerabilities to gain unauthorised access to a system or network


Accidental Damage

Data could also be accidentally damaged in many ways:

Example Prevention

Loss of power

Use a UPS

Liquids being spilt

Don’t have water near the device

Flooding

Keep device in a waterproof box when not is use

Fire

Use electrics safety and keep device in a fireproof box when not is use

Hardware failure

Correct care and maintenance of hardware

Software failure

Making sure it is always up to date

Human error:

  • Pressing delete by mistake
  • Not saving data
  • Not shutting down the computer correctly

Add verification method for data deletion

Set access levels for data to limit who can delete the data

Incorrect use of storage device

Making sure device is ejected before removing

Exam Tip

  • If you are given context in a question, you should apply your answer to the scenario

  • Back-up of data is not a method to help prevent the data being damaged. It can replace the data if it is damaged, but it does not stop the data being damaged

You've read 0 of your 0 free revision notes

Get unlimited access

to absolutely everything:

  • Downloadable PDFs
  • Unlimited Revision Notes
  • Topic Questions
  • Past Papers
  • Model Answers
  • Videos (Maths and Science)

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

    Test yourselfNext topic

    Did this page help you?

    Becci Peters

    Author: Becci Peters

    Becci has been a passionate Computing teacher for over 9 years, teaching Computing across the UK helping to engage, interest and develop confidence in the subject at all levels. Working as a Head of Department and then as an educational consultant, Becci has advised schools in England, where her role was to support and coach teachers to improve Computing teaching for all. Becci is also a senior examiner for multiple exam boards covering GCSE & A-level. She has worked as a lecturer at a university, lecturing trainee teachers for Computing.