Welcome to Cyber Security Threats!

In this chapter, we are going to explore the different ways that "bad actors" (the people who want to steal data or cause damage) try to attack computers and networks. Think of this like learning about the different ways a burglar might try to get into a house—if we know how they think, we can better protect ourselves!

Don't worry if some of these terms seem a bit strange at first. We’ll break them down using everyday examples so you can feel like a pro in no time.

3.6.1 What is Cyber Security?

Before we look at the threats, let's define what we are trying to do. Cyber security consists of the processes, practices, and technologies designed to protect networks, computers, programs, and data from attack, damage, or unauthorised access.

Analogy: If your computer is a castle, cyber security is the combination of the thick stone walls, the moat, the guards at the gate, and the rules about who is allowed inside.

Quick Review: The Three Goals

Cyber security aims to stop three main things:
1. Attack: Someone trying to break things on purpose.
2. Damage: Data being deleted or corrupted.
3. Unauthorised Access: Someone looking at files they aren't supposed to see.


3.6.2 The Threats: "Hacking the Human"

Sometimes, the easiest way to get into a computer system isn't through fancy coding; it’s by tricking the people who use it. This is called social engineering.

Social Engineering Techniques

Social engineering is the art of manipulating people so they give up confidential information. Here are the three forms you need to know:

1. Blagging (Pretexting): This is the act of creating and using an invented scenario (a "pretext") to engage a victim. The goal is to make the victim divulge information they normally wouldn't.
Example: Someone calls you pretending to be from your bank's security team, saying there is an emergency with your account to trick you into giving them your PIN.

2. Phishing: This is a technique of fraudulently obtaining private information, often using email or SMS. These messages usually look like they are from a trusted source (like PayPal, Netflix, or a bank) and ask you to click a link to "update your details."
Common Mistake: Don't confuse Phishing with Pharming! Phishing is the message you receive; Pharming is what happens to the website you visit (more on that in a moment).

3. Shouldering (or Shoulder Surfing): This is the simplest one! It is observing a person’s private information over their shoulder.
Example: Watching someone enter their PIN at a cashpoint (ATM) or a password on a laptop in a café.

Memory Aid: The "BPS" of Social Engineering

Remember B-P-S:
Blagging (the Big lie/story)
Phishing (the fake Post/email)
Shouldering (looking over the Shoulder)

Takeaway: Social engineering targets people, not software. The best defense is being cautious and never giving out passwords or PINs.


3.6.2.2 Malicious Code (Malware)

Malware is an "umbrella term" (a word that covers many different things) used to refer to a variety of forms of hostile or intrusive software.

Types of Malware

1. Computer Virus: A virus is a program that "infects" other files. It can only spread if a user shares an infected file or opens a bad attachment. Like a real-life flu virus, it needs a "host" to move from person to person.

2. Trojan: Named after the famous wooden horse from history, this malware pretends to be something useful (like a free game or a helpful tool) but actually hides a malicious purpose inside. Once you run the "useful" program, the Trojan does its damage.

3. Spyware: This software quietly watches what you do on your computer. It might record your keystrokes (keylogging) to steal your passwords or watch which websites you visit.

Did you know? Some spyware can even turn on your webcam or microphone without you knowing!

Takeaway: Malware is software designed to be bad. You can protect against it by using anti-malware software and being careful about what you download.


3.6.2.3 Technical Threats

Not all threats involve tricking people or sending bad files. Sometimes, attackers exploit "weak spots" in how systems are set up.

Pharming: This is a cyber attack intended to redirect a website's traffic to a fake website. Even if you type the correct web address (like www.mybank.com), the attacker "hijacks" the request and sends you to their fake version of the site to steal your login details.

Weak and Default Passwords: Many devices (like home Wi-Fi routers) come with "default" passwords like "admin" or "password123." If users don't change these, hackers can easily guess them. Weak passwords (like your pet's name) are also very easy for "brute force" programs to crack.

Misconfigured Access Rights: If a school network isn't set up correctly, a student might accidentally have "Administrator" rights, meaning they could delete other people's work or see private files. This is a security risk!

Removable Media: USB sticks and external hard drives can be used to bypass firewalls. An attacker might leave a "lost" USB stick in a car park, hoping an employee picks it up and plugs it into a work computer, automatically installing malware.

Unpatched and/or Outdated Software: Software companies regularly release "patches" (updates) to fix security holes. If you don't update your Windows, macOS, or apps, hackers can use those well-known "holes" to get in.

Takeaway: Keeping software updated and using strong, unique passwords are two of the easiest ways to stay safe!
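
To see why the weak and default passwords described above fall so quickly, here is an added example in Python (it is not part of the original notes). The list of default passwords and the guessing speed of one billion tries per second are assumptions made up for illustration.

```python
import string

# Constructed sample of factory-default passwords (illustrative, not a real vendor list).
DEFAULT_PASSWORDS = {"admin", "password", "password123", "1234", "letmein"}

# Assumption: a guessing program that can try 1 billion passwords per second.
GUESSES_PER_SECOND = 1_000_000_000


def alphabet_size(password):
    """Count how many different characters must be tried in each position."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 symbols
    return size


def keyspace(password):
    """Number of candidates a brute-force search of this length and alphabet covers."""
    return alphabet_size(password) ** len(password)


def audit(password):
    """Return (verdict, worst_case_seconds) for one password."""
    if password.lower() in DEFAULT_PASSWORDS:
        return ("default", 0.0)  # found straight away from a known list
    seconds = keyspace(password) / GUESSES_PER_SECOND
    if seconds < 24 * 60 * 60:
        return ("weak", seconds)  # every combination tried in under a day
    return ("ok", seconds)


if __name__ == "__main__":
    # Note: a real word such as a pet's name is usually guessed from a
    # dictionary even faster than the brute-force figure shown here.
    for pw in ["admin", "Password123", "rex", "fluffy", "Tr4in-Purple-Kettle!"]:
        verdict, seconds = audit(pw)
        print(f"{pw!r:26} {verdict:8} worst case {seconds:.3g} s")
```

Each extra character multiplies the number of guesses needed, which is why a long password with mixed character types holds up while a short pet's name does not.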


3.6.2.4 Penetration Testing

How do big companies know if their security is actually good? They hire "ethical hackers" to try and break in! This is called penetration testing.

Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords, and other normal means of access.

Two Types of Penetration Testing:

1. Simulating a Malicious Insider: The tester is given some knowledge of the system (like a basic user account or a map of the network). This tests what a disgruntled employee could do from the inside.

2. Simulating an External Attack: The tester has no knowledge of the system at all. They have to try and break in from the outside, just like a real hacker would.

Takeaway: Pen-testing helps organisations find their "weak spots" before a real criminal does.


3.6.3 Detecting and Preventing Threats

Now that we know the threats, how do we stop them? Here are the key security measures:

  • Biometric Measures: Using physical traits to identify you, like fingerprint scanners or facial recognition (very common on modern smartphones).
  • Password Systems: Requiring strong passwords and changing them regularly.
  • CAPTCHA: Those "I am not a robot" tests. They stop automated "bot" programs from creating thousands of fake accounts.
  • Email Confirmations: When you sign up for something, they send an email to prove you are who you say you are. This confirms the user's identity.
  • Automatic Software Updates: Setting your computer to install "patches" automatically so you are always protected against the latest known "holes" in the software.

Quick Review Box: The Best Defenses

Threat: Phishing -> Defense: User training/caution
Threat: Outdated Software -> Defense: Automatic updates
Threat: Guessing Passwords -> Defense: Biometrics or strong password rules
Threat: Brute-force bots -> Defense: CAPTCHA

Great job! You've covered the core threats and defenses for your GCSE. Remember: most cyber security is just about being "digitally street-wise."