5.3.1 | CYBER SECURITY
Topics from the Cambridge IGCSE (9-1) Computer Science 0984 syllabus 2023 - 2025
5.3.1 Describe the processes involved in, and the aim of carrying out, a range of cyber security threats
Including:
– brute-force attack
– data interception
– distributed denial of service (DDoS) attack
– hacking
– malware (virus, worm, Trojan horse, spyware, adware, ransomware)
– pharming
– phishing
– social engineering
ALSO IN THIS TOPIC
 5.1.1 - 5.1.3 THE INTERNET AND THE WWW
 5.1.4 WEB BROWSERS
5.1.5 WEB PROTOCOLS
5.1.6 COOKIES AND SESSIONS
5.2.1 - 5.2.2 DIGITAL CURRENCY
 YOU ARE HERE | 5.3.1 CYBER SECURITY
5.3.2 KEEPING DATA SAFE
TOPIC 5 REVISION CARDS
TOPIC 5 KEY TERMINOLOGY (CIE)
TOPIC 5 ANSWERS
TOPIC 5 TEACHER RESOURCES
CYBER SECURITY
At GCSE level, you should be able to describe the processes involved in and the aims of carrying out a range of cyber security threats, including:

Phishing: The process of phishing involves sending fraudulent emails or messages that appear to be from a legitimate source, such as a bank or government agency, in order to trick the recipient into providing sensitive information or login credentials. The aim of phishing is to steal sensitive information, such as personal data, financial information, or login credentials, in order to gain unauthorized access to a system or steal money.

Malware: The process of malware infection can occur through various means such as email attachments, infected software downloads, or by exploiting vulnerabilities in software or operating systems. The aim of malware is to cause harm to the infected computer system, steal sensitive information, or use the infected computer as a point of entry to the network.

Distributed Denial of Service (DDoS) attack: A DDoS attack is a method of overwhelming a server or network with a large number of requests in order to disrupt the availability of a service. The process of a DDoS attack involves using a network of infected computers, known as a botnet, to flood the target server or network with traffic. The aim of a DDoS attack is to disrupt the availability of a service, such as a website, making it inaccessible to legitimate users.

Social Engineering: Social engineering is a tactic used by cyber criminals to trick people into giving away sensitive information or access to a computer system. This type of attack typically relies on psychological manipulation and exploiting human nature, rather than technical vulnerabilities. The aim of social engineering is to trick users into giving away sensitive information, such as login credentials or financial information. Examples of social engineering tactics include phishing emails that appear to be from a legitimate source, such as a bank or a government agency, and asking the recipient to provide personal information or login credentials. Social engineering can also involve phone scams, where a person pretending to be from a reputable organization, such as a bank, and asking for personal information.

To protect against social engineering attacks, it is important to be cautious when providing personal information, such as login credentials or financial information, over the phone or via email. It is also important to be suspicious of unsolicited phone calls or emails, even if they appear to be from a legitimate source. Additionally, it's important to be aware of common social engineering tactics and to educate yourself and others about how to recognize and avoid them.

Ransomware: Ransomware is a type of malware that encrypts personal files and demands payment for the decryption key. The process of a ransomware attack can occur through various means such as email attachments, infected software downloads, or by exploiting vulnerabilities in software or operating systems. The aim of ransomware is to extort money from the victim by threatening to delete or publish personal files if payment is not made.

It is important to understand that these cyber security threats are constantly changing and evolving and that the best way to protect themselves is to be aware of the latest threats and to take appropriate security measures.
TYPES OF MALWARE
A virus is a type of malware that attaches itself to a legitimate program or file and replicates itself when that program or file is executed. The process of a virus infection can occur through various means such as email attachments, infected software downloads, or by sharing infected files. The aim of a virus is to cause harm to the infected computer system or to steal sensitive information. An example of a virus is a malware that attaches itself to a legitimate email attachment and then replicates itself when the attachment is opened. To protect against viruses, it is important to keep software and operating systems up-to-date, use anti-virus software, and be cautious when opening email attachments or links from unknown sources.

A worm is a type of malware that is able to replicate itself and spread through networks. The process of a worm infection can occur through various means such as email attachments, infected software downloads, or by exploiting vulnerabilities in software or operating systems. The aim of a worm is to cause harm to the infected computer system, steal sensitive information, or to use the infected computer as a point of entry to the network. An example of a worm is a malware that spreads through a network by exploiting a vulnerability in the network's operating system, then replicating itself and spreading to other computers on the network. To protect against worms, it is important to keep software and operating systems up-to-date, use anti-virus software, and be cautious when opening email attachments or links from unknown sources.

A Trojan horse is a type of malware that disguises itself as a legitimate program or file in order to trick a user into executing it. The process of a Trojan horse infection can occur through various means such as email attachments, infected software downloads, or by disguising itself as a legitimate program or file. The aim of a Trojan horse is to gain unauthorized access to a computer system, steal sensitive information, or to use the infected computer as a point of entry to the network. An example of a Trojan horse is a malware that disguises itself as a legitimate game or application and tricks the user into downloading and installing it on their computer. To protect against Trojan horses, it is important to be cautious when downloading software or files from unknown sources, and to use anti-virus software.

Spyware is a type of malware that is used to collect personal information, such as browsing history, login credentials, and financial information, without the user's knowledge or consent. The process of spyware infection can occur through various means such as email attachments, infected software downloads, or by disguising itself as a legitimate program or file. The aim of spyware is to collect sensitive information and pass it on to the attacker or to use the infected computer as a point of entry to the network. An example of spyware is a malware that tracks a user's browsing history and keystrokes to steal login credentials and financial information. To protect against spyware, it is important to be cautious when downloading software or files from unknown sources, and to use anti-virus and anti-spyware software.
CyberCast - Dive into Cybersecurity Threats
Scenario: "You are a cyber security expert who has been invited to speak on 'CyberSecure Podcast', a popular Podcast program, to educate the public about various cyber threats."

1: Script Creation
Use an AI platform to draft a podcast script that simulates a conversation between the podcast host and you, the expert guest speaker.
Ensure your script covers the following cyber-security principles and describes the processes involved in, and the objectives of, the specified cyber security threats:
  • brute-force attack
  • data interception
  • distributed denial of service (DDoS) attack
  • hacking
  • malware (specifying virus, worm, Trojan horse, spyware, adware, ransomware)
  • pharming
  • phishing
  • social engineering

2: Voice Over Production
Seek a FREE online platform capable of converting text to speech for your podcast. Tools such as naturalreaders, speechify,  might offer this capability or you can explore platforms dedicated to text-to-speech conversion.

3: Recording
Utilize the chosen platform to convert your script into an audio format, effectively creating your podcast episode. Ensure to save or download the finished audio.

4: Peer Review
Exchange your podcast episode with a classmate. Listen attentively and jot down feedback, particularly focusing on areas such as content clarity, voice modulation, or the potential need for additional effects.
ALSO IN THIS TOPIC
5.1.1 - 5.1.3 THE INTERNET AND THE WWW
5.1.4 WEB BROWSERS
5.1.5 WEB PROTOCOLS
5.1.6 COOKIES AND SESSIONS
5.2.1 - 5.2.2 DIGITAL CURRENCY
5.3.1 CYBER SECURITY
5.3.2 KEEPING DATA SAFE
TOPIC 5 REVISION CARDS
TOPIC 5 KEY TERMINOLOGY (CIE)
TOPIC 5 ANSWERS
TOPIC 5 TEACHER RESOURCES
SUGGESTIONS
We would love to hear from you
SUBSCRIBE 
To enjoy more benefits
We hope you find this site useful. If you notice any errors or would like to contribute material then please contact us.