Threats to Computer Systems and Networks (Malware, Phishing, Hacking)

OCR

GCSE

Cyber security threats compromise the confidentiality, integrity, and availability of data within computer systems. Candidates must distinguish between technical vulnerabilities, such as unpatched software susceptible to SQL injection or malware, and human vulnerabilities exploited through social engineering techniques like phishing. The study encompasses the mechanisms of attack, including brute force, data interception, and Denial of Service (DoS), and requires a critical analysis of the resultant impacts on individuals and organizations.

Objectives

Exam Tips

Pitfalls

Key Terms

Mark Points

What You Need to Demonstrate

Key skills and knowledge for this topic

Award 1 mark for stating that ransomware encrypts user data and demands payment for the decryption key
Award 1 mark for explaining that a firewall monitors incoming and outgoing traffic and blocks unauthorised access based on pre-set rules
Credit responses that identify 'people' or 'users' as the weak point in social engineering attacks
Award 1 mark for describing SQL injection as the insertion of malicious SQL code into input fields to access or modify the database
Award 1 mark for linking 'penetration testing' to the proactive identification of vulnerabilities before they can be exploited

Marking Points

Key points examiners look for in your answers

Award 1 mark for stating that ransomware encrypts user data and demands payment for the decryption key
Award 1 mark for explaining that a firewall monitors incoming and outgoing traffic and blocks unauthorised access based on pre-set rules
Credit responses that identify 'people' or 'users' as the weak point in social engineering attacks
Award 1 mark for describing SQL injection as the insertion of malicious SQL code into input fields to access or modify the database
Award 1 mark for linking 'penetration testing' to the proactive identification of vulnerabilities before they can be exploited

Examiner Tips

Expert advice for maximising your marks

💡When asked about SQL injection prevention, always specify 'input sanitisation' or 'input validation' rather than generic phrases like 'better coding'
💡In 8-mark 'Discuss' questions, ensure you structure your answer to cover the specific scenario context (AO2) and evaluate the impact/solution (AO3), rather than just listing definitions
💡Distinguish clearly between 'identifying' a vulnerability (AO1) and 'explaining' how it impacts the specific network in the question (AO2) - context is essential for the second mark
💡Remember that 'encryption' does not prevent interception; it prevents the intercepted data from being understood

Common Mistakes

Pitfalls to avoid in your exam answers

Confusing 'anti-virus' with 'firewalls'; students often use them interchangeably rather than distinguishing their specific roles (software scanning vs. traffic filtering)
Describing a DDoS attack simply as 'slow internet' without explaining the mechanism of flooding the server with requests from multiple sources (botnet)
Providing vague prevention methods such as 'use better security' instead of specific technical measures like 'implement biometric access control' or 'enforce strong password policies'
Failing to distinguish between 'phishing' (emails), 'blagging' (invented scenario), and 'shouldering' (looking over shoulder)

Study Guide Available

Comprehensive revision notes & examples

Read Study Guide

Key Terminology

Essential terms to know

Malware classification (Viruses, Worms, Trojans, Ransomware, Spyware)

Social Engineering tactics (Phishing, Blagging, Shouldering)

Technical attack vectors (SQL Injection, Brute Force, DDoS, Man-in-the-Middle)

Impact analysis (Data loss, financial implications, reputational damage)

Likely Command Words

How questions on this topic are typically asked

Identify

Describe

Explain

Discuss

State

Ready to test yourself?

Practice questions tailored to this topic