Skip to main content

πŸ” Cyber Security – CIE IGCSE Computer Science Notes

1️⃣ What is Cyber Security?

πŸ”‘ Definition​

Cyber security is:

The protection of computer systems, networks and data from theft, damage or unauthorised access.

🎯 Main Aim of Cyber Security​

To ensure:

  • Confidentiality β†’ data is kept private
  • Integrity β†’ data is accurate and not altered
  • Availability β†’ systems and data are accessible when needed

(These are often called the CIA triad.)

2️⃣ Cyber Security Threats

You must be able to:

βœ” Describe the processes involved
βœ” Explain the aim of each attack

πŸ”¨ 1. Brute-Force Attack​

πŸ”Ž Process:​

  • The attacker tries many password combinations repeatedly.
  • Uses automated software to guess passwords.

🎯 Aim:​

  • To gain unauthorised access to an account.

πŸ›‘ Prevention:​

  • Strong passwords
  • Account lockout after failed attempts
  • Two-step verification

πŸ“‘ 2. Data Interception​

πŸ”Ž Process:​

  • Data is captured while being transmitted across a network.
  • Often happens on unsecured Wi-Fi networks.

🎯 Aim:​

  • To steal sensitive information (passwords, banking details).

πŸ›‘ Prevention:​

  • Use SSL encryption
  • Use secure Wi-Fi
  • Use VPNs or proxy servers

🌊 3. Distributed Denial of Service (DDoS) Attack​

πŸ”Ž Process:​

  • Many computers flood a server with traffic.
  • The server becomes overloaded.

🎯 Aim:​

  • To make a website or service unavailable.

πŸ›‘ Prevention:​

  • Firewalls
  • Traffic monitoring
  • Server redundancy

πŸ§‘β€πŸ’» 4. Hacking​

πŸ”Ž Process:​

  • Exploiting weaknesses in systems.
  • Gaining unauthorised access.

🎯 Aim:​

  • Steal data
  • Modify data
  • Cause disruption

πŸ’» 5. Malware

πŸ”‘ Definition​

Malware is malicious software designed to harm systems or steal data.

🦠 Types of Malware​

1. Virus​

  • Attaches to files.
  • Spreads when the file is opened.

2. Worm​

  • Self-replicates.
  • Spreads across networks automatically.

3. Trojan Horse​

  • Disguised as legitimate software.
  • Contains hidden malicious code.

4. Spyware​

  • Secretly collects user data.

5. Adware​

  • Displays unwanted advertisements.

6. Ransomware​

  • Encrypts files.
  • Demands payment to unlock them.

🎯 Aim of Malware​

  • Steal information
  • Damage systems
  • Extort money
  • Monitor activity

🌐 6. Phishing​

πŸ”Ž Process:​

  • Fake emails or messages pretending to be legitimate.
  • Trick users into giving personal information.

🎯 Aim:​

  • Steal passwords or financial information.

🌍 7. Pharming

πŸ”Ž Process:​

  • Redirects users to fake websites without their knowledge.
  • Often via DNS manipulation.

🎯 Aim:​

  • Capture login details.

🧠 8. Social Engineering​

πŸ”Ž Process:​

  • Manipulating people into revealing information.
  • Exploits human psychology rather than technical weakness.

🎯 Aim:​

  • Obtain confidential information.

Example:
Pretending to be IT support.

3️⃣ Cyber Security Solutions

You must explain how each protects data.

πŸ”‘ 1. Access Levels​

Different users have different permissions.

Example:

  • Admin β†’ Full access
  • User β†’ Limited access

Prevents unauthorised modification of data.

πŸ›‘ 2. Anti-Malware Software​

Includes:

  • Anti-virus
  • Anti-spyware

How It Works:​

  • Scans files
  • Detects suspicious behaviour
  • Removes threats

πŸ” 3. Authentication Methods​

a) Username and Password​

Basic method of verifying identity.

b) Biometrics​

Uses:

  • Fingerprint
  • Facial recognition
  • Retina scan

c) Two-Step Verification (2FA)​

Requires:

  • Password
  • Additional code (e.g., SMS)

Provides stronger security.

πŸ”„ 4. Automating Software Updates​

Keeps systems protected against:

  • Newly discovered vulnerabilities.

βœ‰οΈ 5. Checking Spelling and Tone​

Phishing emails often:

  • Contain spelling errors
  • Sound urgent or threatening

Always check carefully.

πŸ”— 6. Checking the URL​

Before clicking a link:

  • Check domain name carefully.
  • Look for misspellings.
  • Look for HTTPS.

πŸ”₯ 7. Firewalls​

πŸ”Ž Definition:​

A firewall monitors and controls incoming and outgoing network traffic.

Blocks suspicious traffic.

βš™οΈ 8. Privacy Settings​

Control:

  • Who can see your information
  • What data apps can access

Reduces risk of data exposure.

🌍 9. Proxy Servers​

Acts as an intermediary between user and internet.

  • Hides IP address.
  • Improves security.

πŸ”’ 10. Secure Socket Layer (SSL)​

SSL:

  • Encrypts data between browser and website.
  • Prevents interception.

Indicated by:

πŸ” HTTPS in address bar.

πŸ“Š Summary Table

ThreatPrevention
Brute-forceStrong passwords, 2FA
Data interceptionSSL, encryption
DDoSFirewalls
MalwareAnti-virus
PhishingCheck email tone and URL
Social engineeringStaff training
HackingAuthentication + firewalls

🎯 Exam Tips

βœ” When describing a threat β†’ explain process + aim
βœ” When explaining a solution β†’ explain how it protects data
βœ” Use technical terms correctly
βœ” Avoid vague answers like β€œit protects the system”

🚨 Common Exam Mistakes

❌ Confusing phishing and pharming
❌ Saying firewall removes viruses
❌ Forgetting to mention encryption in SSL
❌ Saying 2FA replaces passwords (it adds to them)
❌ Not explaining the aim of the attack

πŸ“ Example 6-Mark Question Structure

Question:
Describe phishing and explain how it can be prevented.

Answer Structure:

  • Phishing involves sending fake emails pretending to be legitimate organisations.
  • It tricks users into revealing personal information.
  • It aims to steal passwords or financial details.
  • Prevention includes checking email tone and spelling.
  • Checking the URL before clicking links.
  • Using two-step verification.

🧠 Key Concepts to Remember

Cyber security β†’ Protect data
Threat β†’ What causes harm
Vulnerability β†’ Weakness
Authentication β†’ Proving identity
Encryption β†’ Scrambling data
Firewall β†’ Controls traffic