1.4.1
Threats to Computer Systems and Networks
The key to network security questions is identifying the attack, explaining how it works, and saying what the attacker is trying to achieve. The attack types you need to know include malware, phishing, brute-force attacks, denial of service, data interception, and SQL injection.
What you need to know
- Describe how different attack types are used.
- Explain the purpose of malware, phishing, brute-force attacks, DoS attacks, and SQL injection.
- Recognise the attack being described in a scenario.
- Link attacks to the damage or risk they create.
Big Picture
Why network threats matter
Security threats can lead to lost data, stolen information, damaged systems, and services becoming unavailable.
You should know both how an attack works and why an attacker might use it. That might be to steal data, gain access, cause disruption, or trick users into revealing information.
- Some attacks target the device or software.
- Some attacks target the network connection.
- Some attacks target the human user as the weak point.
Common Threats
Malware and social engineering
These are among the most common attack types because they often rely on user mistakes.
| Threat | How it works | What the attacker wants |
|---|---|---|
| Malware | Malicious software is installed on a device | Damage files, steal data, or gain control |
| Phishing | A fake message or website tricks a user into giving details | Steal passwords, bank details, or personal data |
| Social engineering | The attacker manipulates a person into helping them | Bypass security through human behaviour |
Exam wording
Phishing is one example of social engineering, but social engineering is the wider idea of tricking people into helping an attacker.
Access and Disruption
Brute-force attacks and denial of service
These two attacks have different aims, so do not mix them up.
- Brute-force attacks repeatedly try password combinations until the correct one is found.
- Weak or short passwords are much easier to break using brute force.
- A denial of service attack floods a system or network with traffic so legitimate users cannot access it properly.
- The aim of a DoS attack is disruption rather than secretly logging in.
Strong comparison
Brute force is mainly about gaining access. Denial of service is mainly about making a service unavailable.
Data Theft
Data interception, theft, and SQL injection
You need to recognise both network-based theft and attacks on data systems.
Data interception means capturing data while it is travelling across a network. If that data is not protected, an attacker may read or steal it.
SQL injection happens when an attacker enters code into an input field so the database query is changed in a harmful way. This can allow unauthorised access to data.
- Interception targets data in transit.
- SQL injection targets database queries.
- Both can lead to stolen confidential data.
SQL injection in one sentence
SQL injection is when harmful input changes the meaning of a database query.
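The example below is added here and is not part of the original page. It shows the same login check written two ways in Python with the built-in sqlite3 module: one builds the query by joining strings, the other uses placeholders. The table, usernames, passwords and function names are made up for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "hunter2")])
    return db

def login_unsafe(db, username, password):
    # Vulnerable: the input is pasted into the query text, so any quote
    # characters in the input become part of the SQL itself.
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    return [row[0] for row in db.execute(query)]

def login_safe(db, username, password):
    # Hardened: ? placeholders send the input separately from the query,
    # so the database always treats it as data and never as SQL.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in db.execute(query, (username, password))]

if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input containing SQL syntax

    # The quotes in the input rewrite the WHERE clause so it matches every row.
    print("unsafe, crafted input:", login_unsafe(db, "alice", crafted))

    # The same input is compared as an ordinary password and matches nothing.
    print("safe, crafted input:  ", login_safe(db, "alice", crafted))

    # A genuine login still works with the parameterised query.
    print("safe, real password:  ", login_safe(db, "alice", "correct-horse"))
```

The defence is the parameterised query in `login_safe`: the query text never changes, whatever the user types.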
Key takeaways
- Different attacks work in different ways, so accurate exam language matters.
- Social engineering attacks exploit people rather than hardware.
- A brute-force attack tries many password combinations until one works.
- A denial of service attack tries to stop legitimate users accessing a service.
- SQL injection targets database queries by inserting malicious input.
Glossary
- Malware: Malicious software designed to damage, disrupt, or gain unauthorised access.
- Phishing: A scam that tricks users into revealing sensitive information.
- Brute-force attack: Trying many password combinations until the correct one is found.
- Denial of service: An attack that floods a service with traffic so it cannot respond properly.
- SQL injection: An attack where malicious input changes a database query.