Threats to Digital Systems (Edexcel GCSE Computer Science)

Revision Note

Robert Hampton

Written by: Robert Hampton

Reviewed by: James Woodhouse

Malware

What is malware?

  • Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system

  • Examples of issues caused by malware include

    • Files being deleted, corrupted or encrypted

    • Internet connection becoming slow or unusable

    • Computer crashing or shutting down 

  • There are various types of malware and each has slightly different issues which they cause

Malware

What it does

Virus

  • A program which can replicate itself on a user's computer. It contains code that will cause unwanted and unexpected events to occur

  • Examples of issues a user may experience are

    • Corrupt files

    • Delete data

    • Prevent applications from running correctly

Worms

  • Worms are very similar to viruses, with the main difference being that they will spread to other drives and computers on the network

  • Worms can infect other computers from

    • Infected websites

    • Instant message services

    • Email

    • Network connection

Trojan

  • Sometimes also called a Trojan Horse

  • Trojans disguise themselves as legitimate software but contain malicious code in the background 

Key loggers

  • Key loggers can record your screen, log your keystrokes to gain access to passwords and more

Ransomware

  • A form of malware that locks your computer or device and encrypts your documents and other important files

  • Often a demand is made for money to receive the password that will allow the user to decrypt the files

  • There is no guarantee paying the ransom will result in the user getting their data back

How Hackers Exploit Vulnerabilities

What is a hacker?

  • A hacker is a criminal who exploits technical vulnerabilities to break into computer systems and networks

  • Hackers seek out opportunities that make this possible, this includes:

    • Unpatched software

    • Out-of-date anti-malware

Unpatched software

  • Software is often released in a less than perfect state and flaws/vulnerabilities may exist which can provide an opportunity for hackers

  • Unpatched software can lead to:

    • Data breaches

    • Installation of malware

Out-of-date anti-malware

  • Anti-malware that is out-of-date is not effective at protecting against new threats

  • Malware threats have a unique signature called a 'definition' which is used to protect against them

  • Out-of-date anti-malware will not have an updated list of definitions

  • Out-of-date anti-malware can lead to:

    • Data loss

    • Identify theft

    • Financial loss

Social Engineering

What is social engineering?

  • Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to them

  • Social engineering is the art of manipulating people so they give up confidential information 

Blagging (pretexting)

  • The art of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances

  • E.g. a scammer will send a fake text message, pretending to be from the government or human resources of a company, this scam is used to trick an individual into giving out confidential data

Phishing

  • Sending fraudulent emails/SMS to a large number of people, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button/link

Baiting

  • Using deception to lure a victim into a trap

  • Victims are lured by the offer of something appealing such as:

    • Something for free

    • A chance to win a prize

    • Exclusive access

    • Sensationalised headings (fake news)

  • Once interest is shown, the hacker sets the trap, the trap could include:

    • Sending malicious links or attachments

    • Directing to a fake website

Quid pro quo

  • A technique which preys on a persons desire to repay a kind gesture by doing something in return (something for something)

  • Similar to baiting but usually involves the offer of a service after giving information

  • An example of quid pro quo could be:

    • Offering to fix an infected computer but needing security credentials to be able to do it

How can you protect against it?

  • The best way to protect an individual from the threat of social engineering is to ensure the proper training/education has taken place

    • What questions to ask to determine authenticity (blagging)

    • What to look for in an email/SMS (phishing)

    • Being aware of surroundings/location (shouldering)

Worked Example

Explain one way that digital systems may be vulnerable to cyberattacks when users do not properly maintain their software [2]

Answer

Software may contain security bugs (1) because it is unpatched (1)

Anti-malware may not identify an attack (1) because the virus definitions are out of date (1)

Last updated:

You've read 0 of your 5 free revision notes this week

Sign up now. It’s free!

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

Did this page help you?

Robert Hampton

Author: Robert Hampton

Expertise: Computer Science Content Creator

Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has demonstrated strong leadership as Head of Department since 2012 and previously supported teacher development as a Specialist Leader of Education, empowering departments to excel in Computer Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering digital battlefields when he's not coding.

James Woodhouse

Author: James Woodhouse

Expertise: Computer Science

James graduated from the University of Sunderland with a degree in ICT and Computing education. He has over 14 years of experience both teaching and leading in Computer Science, specialising in teaching GCSE and A-level. James has held various leadership roles, including Head of Computer Science and coordinator positions for Key Stage 3 and Key Stage 4. James has a keen interest in networking security and technologies aimed at preventing security breaches.