IGCSEICTCambridge (CIE)Revision Notes6. Safety & SecuritySecurityThreats to Data

Threats to Data (Cambridge (CIE) IGCSE ICT)

Revision Note

James Woodhouse

Written by: James Woodhouse

Reviewed by: Lucy Kirkham

Updated on

Hacking

What is a hacking?

  • Hacking is a generic term used to describe the act of gaining unauthorised access to computer systems or networks to gain control, steal information, or cause damage

  • A hacker is a criminal who exploits technical vulnerabilities to break into computer systems and networks

  • Hackers seek out opportunities that make this possible, these include:

    • Unpatched software

    • Out-of-date anti-malware

    • Weak passwords

What are the effects of hacking?

  • Hacking can cause a number of issues for an organisation or individual, these include:

    • Data breaches

    • Installation of malware

    • Data loss

    • Identify theft

    • Financial loss

How can hacking be prevented?

  • Hacking can be prevented by a number of methods, some of these include:

    • Using strong passwords

    • Using two-factor authentication

    • Installing anti-malware software

    • Using firewalls

Phishing

What is a phishing?

  • Phishing is a form of social engineering

  • It involves sending fraudulent, legitimate-looking emails to a large number of email addresses, claiming to be from a reputable company or trusted source to try and gain access to your details

  • Phishing often tries to coax the user to click on a login button to enter their details

What are the effects of phishing?

  • The creator of the email can gain unauthorised access to personal data such as login information, bank accounts and more

  • Phishing can lead to identity theft or fraudulent activity on credit cards and bank accounts

How can phishing be prevented?

  • Phishing can be prevented by:

    • Anti-spam filters to avoid fraudulent emails arriving in a user's inbox

    • Training staff to recognise fraudulent emails and to avoid opening attachments from unrecognised senders

    • User access levels to prevent staff from being able to open files-types such as executable (.exe) files and batch (.bat) files

Pharming

What is a pharming?

  • Pharming is typing a website address into a browser and it is redirected to a 'fake' website to trick a user into typing in sensitive information such as passwords

  • An attacker attempts to alter DNS settings or change a users browser settings to redirect users to the fraudulent website

What are the effects of pharming?

  • The creator of the malicious content can gain unauthorised access to personal data such as login information, bank accounts and more

  • Pharming can lead to identity theft or fraudulent activity on credit cards and bank accounts

How can pharming be prevented?

  • Pharming can be prevented by:

    • Keeping anti-malware software up to date

    • Checking URLs regularly

    • Make sure the padlock icon is visible

Smishing & vishing

What is a smishing & vishing?

  • Smishing (SMS phishing) is a form of phishing where attackers use SMS to trick individuals into sharing sensitive information or downloading malicious content.

  • Vishing (voice phishing) is also a form of phishing involving fraudulent phone calls where attackers impersonate legitimate companies to get personal information

What are the effects of smishing and vishing?

  • These attacks can result in unauthorised access to personal data such as login information and bank accounts

  • They can lead to identity theft

How can pharming be prevented?

  • Pharming can be prevented by:

    • Keeping anti-malware software up to date

    • Checking URLs regularly

    • Make sure the padlock icon is visible

Viruses & malware

Why is malware a threat?

  • Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system

  • Examples of issues caused by malware include

    • Files being deleted, corrupted or encrypted

    • Internet connection becoming slow or unusable

    • Computer crashing or shutting down 

  • Malware can exist in many forms, each designed to perform its role in different ways

Malware

What it Does

 Computer virus

  • A program which can replicate itself on a user's computer. It contains code that will cause unwanted and unexpected events to occur

  • Examples of issues a user may experience are

    • Corrupt files

    • Delete data

    • Prevent applications from running correctly

Trojan

  • Sometimes also called a Trojan Horse

  • Trojans disguise themselves as legitimate software but contain malicious code in the background 

Spyware

  • Software which will allow a person to spy on the users' activities on their devices

  • This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources

  • Spyware can record your screen, log your keystrokes to gain access to passwords and more

How can malware be prevented?

  • To protect against the threat of malware:

    • Ensure code is written correctly

    • Keep anti-malware software up to date

    • Install a firewall

    • Educate users

Card fraud

Why is card fraud a threat?

  • Card fraud is a threat as fraudsters will try to gain illegal access to credit and debit cards

  • The main way this is achieved is through:

    • Shoulder surfing (shouldering)

    • Card cloning

    • Keylogging

Shoulder Surfing

  • Observing a person's private information over their shoulder e.g. cashpoint machine PINs

  • This can be prevented by users ensuring they have covered over their PIN when entering it

Card cloning

  • This is the copying of the data from a user's credit or debit card by scanning the magnetic strip through a skimmer machine

  • Card cloning can be prevented by ensuring a card with a chip is being used and the chip can not be cloned, though the data on it can still be read

Keylogging

  • This is software installed to detect and store keystrokes from the keyboard and send the data back to the criminal

  • Data such as passwords and other secure data can be collected this way

  • To prevent key logging, users should frequently scan their system using anti-virus software and use cloud password software to prevent having to enter their details manually

You've read 0 of your 5 free revision notes this week

Sign up now. It’s free!

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

    Did this page help you?

    Previous:E-Safety: Using ITNext:Protection of Data
    Author
    Reviewer
    James Woodhouse

    Author: James Woodhouse

    Expertise: Computer Science

    James graduated from the University of Sunderland with a degree in ICT and Computing education. He has over 14 years of experience both teaching and leading in Computer Science, specialising in teaching GCSE and A-level. James has held various leadership roles, including Head of Computer Science and coordinator positions for Key Stage 3 and Key Stage 4. James has a keen interest in networking security and technologies aimed at preventing security breaches.

    Lucy Kirkham

    Author: Lucy Kirkham

    Expertise: Head of STEM

    Lucy has been a passionate Maths teacher for over 12 years, teaching maths across the UK and abroad helping to engage, interest and develop confidence in the subject at all levels.Working as a Head of Department and then Director of Maths, Lucy has advised schools and academy trusts in both Scotland and the East Midlands, where her role was to support and coach teachers to improve Maths teaching for all.