Learning Objectives
  • Define cyber security as protecting computer systems, networks and data from digital threats.
  • Distinguish a threat process from its aim or intended result.
  • Recognise the complete syllabus range of cyber security threats.
  • Use precise cause-and-effect language when describing attacks.
Key Terms
Cyber security
Protection of computer systems, networks and data from digital attacks and unauthorised activity.
Threat
A possible event or action that can cause harm to a system or data.
Attack
A deliberate attempt to compromise a system, service or data.
Unauthorised access
Access gained without the required permission.
Confidentiality
Keeping data from being disclosed to unauthorised people.
Integrity
Keeping data accurate and protected from unauthorised alteration.
Availability
Keeping systems and data accessible to authorised users when required.
Vulnerability
A weakness that can be exploited by a threat.
Summary diagram
Summary Of The Main Ideas In This Lesson
Understanding A Cyber Security Threat

A cyber security threat is a process or action that can harm a computer system, network, service or data. The syllabus requires candidates to describe both the processes involved and the aim of a range of threats.

The process explains how the attack works. The aim explains what the attacker intends to achieve, such as obtaining unauthorised access, stealing information, disrupting a service or demanding payment. A complete examination answer often needs both.

Threats can target confidentiality, integrity or availability. Data interception threatens confidentiality. Unauthorised alteration threatens integrity. A distributed denial of service attack targets availability by preventing legitimate users from accessing a service.

The Required Threat Range

The prescribed threats are brute-force attack, data interception, distributed denial of service attack, hacking, malware, pharming, phishing and social engineering. Malware includes virus, worm, Trojan horse, spyware, adware and ransomware.

These categories can overlap in a real incident. For example, social engineering may persuade a user to reveal a password, after which an attacker hacks into an account. A phishing message may contain a link to a fraudulent page or may attempt to install malware. Candidates should still identify the named threat and describe its particular process.

From Vulnerability To Impact

An attack often begins with a weakness. The weakness may be technical, such as unpatched software, or human, such as a user trusting an urgent fraudulent message. The attacker exploits the weakness to perform an unauthorised action.

The impact depends on the target. Stolen login details may lead to account access. Ransomware can make files unavailable. Spyware can secretly collect information. A DDoS attack can overwhelm a service so that legitimate users cannot obtain responses.

In examination questions, connect each stage: identify the method, explain how it operates, then state the aim or impact.

Avoiding Vague Descriptions

Statements such as “it attacks the computer” are too vague. A precise description names what is done. For example, a brute-force attack repeatedly tries possible passwords until a correct one is found.

Similarly, “hacking steals data” is incomplete because hacking refers to gaining unauthorised access. Data theft may be the aim or a later action. The process and aim should not be confused.

Threat, Process And Possible Aim
Threat Core Process Possible Aim
Brute-force attack Repeatedly tries many possible credentials Discover a password and gain access
Data interception Captures data while it is being transmitted Read sensitive information
DDoS attack Many devices flood a service with traffic or requests Make the service unavailable
Hacking Gains unauthorised access to a system View, steal, change or damage data
Malware Malicious software performs unwanted actions Damage, monitor, advertise, spread or demand payment
Pharming or phishing Redirects or deceives a user into trusting a false destination or message Obtain personal or login information
Social engineering Manipulates a person into weakening security Gain information, access or an unsafe action
Worked Examples
Process Versus Aim

Question: A candidate writes, “The aim of brute force is to try every password.” Improve the statement.

  1. Recognise that trying passwords describes the process.
  2. State the likely intended result.

Answer: The process is repeatedly trying possible passwords. The aim is to discover the correct password and gain unauthorised access.

Classifying An Impact

Question: An online service is flooded with requests and genuine users cannot connect. Which security property is mainly affected?

  1. Identify the effect: authorised users cannot access the service.
  2. Match the effect to confidentiality, integrity or availability.

Answer: Availability is mainly affected.

Examination Guidance
  • For each threat, learn both how it works and what the attacker wants.
  • Use specific verbs: intercepts, redirects, copies, encrypts, floods, records or repeatedly guesses.
  • Do not use malware as a synonym for every cyber attack.
  • Connect the attack to confidentiality, integrity or availability where useful.
Common Mistakes
  • Giving only a list of threat names.
  • Describing the aim as if it were the attack process.
  • Calling all unauthorised access a virus.
  • Using vague phrases such as “breaks the internet” without explaining the mechanism.
Knowledge Check

1. What is the difference between an attack process and an attack aim?

Answer: The process is how the attack is carried out; the aim is the result the attacker intends to achieve.

2. Which security property is threatened when secret data is read by an unauthorised person?

Answer: Confidentiality.

3. Which threat aims to make a service unavailable by flooding it?

Answer: A distributed denial of service attack.

4. Name the six malware types required by the syllabus.

Answer: Virus, worm, Trojan horse, spyware, adware and ransomware.

5. Why can human behaviour be a vulnerability?

Answer: A person can be manipulated into revealing information or carrying out an unsafe action.