Edexcel GCSE Computer Science

Cybersecurity & Network Security

Master threats, vulnerabilities, and protection methods to keep digital systems safe and secure.

5.2 Network Security 5.3.1 Cyber Threats 5.3.2 Protection Methods

Network Security

Understanding why networks need protection and how to identify vulnerabilities

🔒

Why is Network Security Important?

Network security is the practice of protecting computer networks and their data from unauthorized access, attacks, and damage. As more of our lives move online, protecting networks has become critical.

Key Reasons for Network Security:
  • Protecting sensitive data - Personal information, financial records, and business secrets must be kept confidential
  • Preventing financial loss - Cyberattacks can cost businesses millions in damages and lost revenue
  • Maintaining trust - Customers and users expect their data to be protected
  • Legal compliance - Laws like GDPR require organizations to protect personal data
  • Ensuring availability - Systems must remain accessible to authorized users

Without proper security, networks are vulnerable to data theft, service disruption, financial fraud, and reputational damage.

🔍

Identifying Network Vulnerabilities

Organizations use specialized techniques to find weaknesses in their networks before attackers can exploit them.

Penetration Testing
A simulated cyberattack performed by security professionals to identify vulnerabilities. Testers attempt to breach security using the same methods as real attackers, but with permission.

Process: Planning → Scanning → Gaining Access → Maintaining Access → Analysis → Reporting
Ethical Hacking
Authorized hacking performed by "white hat" hackers who use their skills to help organizations. They legally break into systems to expose weaknesses and help fix them.

Key difference: Ethical hackers have written permission and report all findings to help improve security.

📝 Exam Tip

Remember: Penetration testing and ethical hacking are legal because they are authorized by the organization. The same actions without permission would be illegal under the Computer Misuse Act.

🛡️

Methods of Protecting Networks

🔐
Access Control
Restricting who can access the network and what they can do.
  • Strong passwords and password policies
  • User authentication (usernames, PINs, biometrics)
  • Access levels and permissions
  • Two-factor authentication (2FA)
  • Account lockout after failed attempts
🏢
Physical Security
Protecting the actual hardware and infrastructure.
  • Locked server rooms
  • Security cameras (CCTV)
  • ID badges and access cards
  • Visitor sign-in procedures
  • Biometric locks (fingerprint, retina)
🧱
Firewalls
A security barrier between a trusted network and untrusted networks.
  • Monitors incoming and outgoing traffic
  • Blocks unauthorized access attempts
  • Uses rules to filter traffic
  • Can be hardware or software based
  • Creates a protected perimeter
How a Firewall Works:

A firewall examines all data packets trying to enter or leave a network. It checks each packet against a set of security rules. If a packet matches an "allow" rule, it passes through. If it matches a "block" rule or doesn't match any allow rule, it's stopped. This prevents malicious traffic from entering and sensitive data from leaving without authorization.

Malware Threats

Understanding the different types of malicious software that threaten digital systems

☠️

What is Malware?

Malware (malicious software) is any software intentionally designed to cause damage to a computer, server, network, or user. It can steal data, spy on users, encrypt files for ransom, or simply cause destruction.

Common ways malware spreads:
  • Email attachments and links
  • Downloading from untrusted websites
  • Infected USB drives
  • Exploiting software vulnerabilities
  • Pirated software and media
🦠
Virus
A program that attaches itself to a legitimate file and spreads when that file is shared. Requires human action to activate and spread.
Example: A virus attached to a Word document that infects your computer when you open it, then spreads to other documents you share.
🐛
Worm
A self-replicating program that spreads across networks automatically without needing a host file or human action.
Example: The "ILOVEYOU" worm spread via email, automatically sending itself to everyone in the victim's contact list.
🐴
Trojan
Malware disguised as legitimate software. Users are tricked into installing it, thinking it's a useful program.
Example: A free game download that secretly installs a backdoor, allowing hackers to access your computer remotely.
💰
Ransomware
Encrypts the victim's files and demands payment (ransom) to decrypt them. Often demands payment in cryptocurrency.
Example: WannaCry attacked the NHS in 2017, encrypting patient records and demanding Bitcoin payment to restore access.
⌨️
Keylogger
Records every keystroke typed on the infected device. Used to steal passwords, credit card numbers, and personal messages.
Example: A keylogger captures your online banking password as you type it, sending it to a cybercriminal.
👁️
Spyware
Secretly monitors user activity and collects personal information without consent. Can track browsing, capture screenshots, or access webcams.
Example: Spyware installed on a phone tracks GPS location, reads messages, and records calls without the user knowing.

📝 Exam Tip

Key differences to remember: Viruses need a host file and human action to spread. Worms spread automatically without human help. Trojans look like normal software but hide malicious code inside.

Technical Vulnerabilities

How hackers exploit weaknesses in systems and software

⚠️

Exploiting Technical Vulnerabilities

Hackers look for weaknesses in software and systems that they can exploit to gain unauthorized access or cause damage.

| Vulnerability | Description | How Hackers Exploit It |
| --- | --- | --- |
| Unpatched Software | Software that hasn't been updated with the latest security fixes | Hackers use known exploits for old vulnerabilities that have already been fixed in updates |
| Out-of-date Anti-malware | Security software with outdated virus definitions | New malware can slip past because the software doesn't recognize it |
| Zero-day Exploits | Vulnerabilities unknown to the software developer | Attacks before any patch exists, giving victims "zero days" to prepare |
| Weak Passwords | Simple or commonly used passwords | Brute force attacks and dictionary attacks to guess passwords |
| SQL Injection | Poorly coded websites that don't validate input | Insert malicious database commands through web forms |
| Open Ports | Unnecessary network services running | Scan for open ports and exploit vulnerable services |
Why Updates Matter:

When a security flaw is discovered, software companies release patches to fix it. However, once a patch is released, hackers can reverse-engineer it to understand the vulnerability. This creates a race between users updating their systems and hackers exploiting those who haven't updated.

🔓

Common Attack Methods

Brute Force Attack
Systematically trying every possible password combination until finding the correct one. Modern computers can try millions of combinations per second.
Dictionary Attack
Using a list of common words and passwords to try to gain access. Faster than brute force because it targets likely passwords first.
Denial of Service (DoS)
Flooding a network or server with traffic to make it unavailable to legitimate users. DDoS uses multiple attacking computers.
Man-in-the-Middle
Intercepting communications between two parties to eavesdrop or alter messages without either party knowing.
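
Account lockout after failed attempts, listed under Access Control, is the usual defence against the brute force and dictionary attacks described above. The sketch below is an added example, not part of the original notes: the log format, the threshold of 5 failures and the 10-minute window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILURES = 5                 # assumed policy: lock after 5 failures...
WINDOW = timedelta(minutes=10)   # ...inside any 10-minute window

# Constructed sample log, one attempt per line: "timestamp user result"
SAMPLE_LOG = """\
2024-05-01T09:00:00 alice FAIL
2024-05-01T09:00:20 alice FAIL
2024-05-01T09:00:45 alice OK
2024-05-01T09:01:00 bob FAIL
2024-05-01T09:01:01 bob FAIL
2024-05-01T09:01:02 bob FAIL
2024-05-01T09:01:03 bob FAIL
2024-05-01T09:01:04 bob FAIL
2024-05-01T09:01:05 bob OK
2024-05-01T09:05:00 alice FAIL
2024-05-01T09:05:10 alice FAIL
2024-05-01T09:10:00 carol FAIL
2024-05-01T09:25:00 carol FAIL
2024-05-01T09:40:00 carol FAIL
2024-05-01T09:55:00 carol FAIL
2024-05-01T10:10:00 carol FAIL
"""

def locked_accounts(log_text, max_failures=MAX_FAILURES, window=WINDOW):
    """Return {user: time at which the account is locked}."""
    recent = defaultdict(deque)   # failure times still inside the window
    locked = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, user, result = line.split()
        if user in locked:
            continue              # locked: later attempts are refused, even correct ones
        when = datetime.fromisoformat(stamp)
        if result == "OK":
            recent[user].clear()  # a successful login resets the count
            continue
        fails = recent[user]
        fails.append(when)
        while fails and when - fails[0] > window:
            fails.popleft()       # forget failures older than the window
        if len(fails) >= max_failures:
            locked[user] = when
    return locked
```

On the sample log only bob is locked. carol's five failures are spread over an hour and never trip the window, which is why lockout is combined with strong passwords and 2FA rather than used alone.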

Social Engineering

How attackers manipulate people rather than technology

🎭

What is Social Engineering?

Social engineering is the art of manipulating people into revealing confidential information or performing actions that compromise security. Instead of attacking systems directly, social engineers exploit human psychology and trust.

Why it works:
  • People naturally want to be helpful
  • Fear and urgency cloud judgment
  • Authority figures are trusted
  • Curiosity can override caution
  • People often take shortcuts under pressure

📝 Exam Tip

Social engineering attacks exploit human weaknesses, not technical ones. The best defense is user education and awareness training. Remember the different types: Phishing (email), Smishing (SMS), Vishing (voice/phone).

Protection Methods

How to protect digital systems and data from cyber threats

🛡️
Anti-malware Software
Software that detects, prevents, and removes malicious software from computers and networks.
  • Real-time scanning of files and downloads
  • Regular full-system scans
  • Automatic updates for latest threat definitions
  • Quarantine suspicious files
  • Includes antivirus, anti-spyware, and anti-ransomware
🔐
Encryption
Converting data into a coded format that can only be read with the correct decryption key.
  • Protects data in transit (HTTPS, VPN)
  • Protects data at rest (encrypted drives)
  • End-to-end encryption for messages
  • Even if data is stolen, it's unreadable
  • Uses algorithms like AES, RSA
📋
Acceptable Use Policies (AUP)
Rules that define how users may use an organization's computer systems and network.
  • Defines acceptable and prohibited activities
  • Password requirements and policies
  • Rules for email and internet use
  • Consequences for policy violations
  • Signed by users to confirm understanding
💾
Backup & Recovery
Creating copies of data that can be restored if the original is lost, corrupted, or encrypted by ransomware.
  • Regular automated backups
  • 3-2-1 rule: 3 copies, 2 media types, 1 offsite
  • Test recovery procedures regularly
  • Air-gapped backups (offline, disconnected)
  • Essential for ransomware protection
🔥
Firewalls
Security barriers that monitor and control network traffic based on predetermined security rules.
  • Blocks unauthorized incoming connections
  • Prevents data exfiltration
  • Can be hardware or software based
  • Packet filtering and inspection
  • First line of defense for networks
🎓
User Education
Training users to recognize and avoid security threats, especially social engineering attacks.
  • Phishing awareness training
  • Password best practices
  • Safe browsing habits
  • Reporting suspicious activity
  • Regular security updates and reminders
🔑

Additional Security Measures

Two-Factor Authentication (2FA)
Requires two different types of verification: something you know (password) + something you have (phone code) or something you are (fingerprint).
Software Updates
Keeping all software up-to-date ensures known vulnerabilities are patched before attackers can exploit them.
Network Monitoring
Continuously watching network traffic for unusual activity that might indicate an attack or breach.
Access Controls
Limiting user permissions to only what they need for their job (principle of least privilege).

📝 Exam Tip

When asked about protection methods, always explain what the method is and how it protects against specific threats. For example: "Encryption protects data by converting it to unreadable code, so even if hackers steal the data, they cannot read it without the decryption key."
