Cybersecurity
Subject: Computer Science
Topic: 7
Cambridge Code: 0478
Security Threats
Malware
Malware - Malicious software designed to cause damage
Types:
Virus:
- Attaches to legitimate files
- Spreads when file executed
- Requires user action
- Can corrupt data, slow system
Worm:
- Self-replicating
- Spreads through networks
- No user action needed
- Consumes bandwidth, spreads quickly
Trojan (Trojan Horse):
- Disguised as legitimate software
- Appears useful but performs harm
- Opens backdoors for others
- Steals data, gives access
Spyware:
- Monitors user activity
- Collects personal information
- Keylogging, screen recording
- Targeted at sensitive data
Ransomware:
- Encrypts user files
- Demands payment for decryption
- Blocks system access
- Financial extortion
Adware:
- Displays unwanted advertisements
- Slows system
- Tracks browsing
- Intrusive but less dangerous
Hacking and Social Engineering
Hacking:
- Unauthorized access to systems
- Exploits vulnerabilities
- Can be criminal or ethical (white-hat)
Social Engineering:
- Manipulates people into revealing secrets
- Phishing: Fraudulent emails/websites
- Pretexting: False pretenses
- Baiting: Offering rewards
Encryption
Encryption - Converting data to unreadable form
Symmetric Encryption
Same key for encryption and decryption
- Key: Secret shared between parties
- Process: Plaintext + Key → Ciphertext
- Examples: Caesar cipher, AES
Advantages:
- Fast
- Small files
- Common use
Disadvantages:
- Key sharing problem
- Many keys needed for many people
Asymmetric Encryption (Public-Key)
Different keys for encryption and decryption
- Public key: Encrypts data, widely known
- Private key: Decrypts data, kept secret
Process:
- Sender gets the recipient's public key
- Sender encrypts the message with that public key
- Recipient uses their private key to decrypt
- No one else can decrypt without the private key
Advantages:
- Solves key distribution
- Digital signatures
- One key pair per person
Disadvantages:
- Slower than symmetric
- Larger files
- More processing
SSL/TLS
SSL/TLS - Secure web communication
- HTTPS: HTTP + encryption
- Certificate: Verifies website identity
- Handshake: Negotiates encryption keys
- Port 443: Encrypted web traffic
Authentication
Authentication - Verifying identity
Passwords
Characteristics:
- Something you know
- Should be strong (12+ characters, mixed case, numbers, symbols)
- Unique per account
- Changed regularly
Problems:
- Weak passwords easily guessed
- Reuse across accounts
- Database breaches expose hashes
Multi-Factor Authentication (MFA)
Requires multiple verification methods:
- Something you know: Password
- Something you have: Phone, key
- Something you are: Biometric (fingerprint, face)
Security benefit:
- Even if the password is stolen, the account is still protected
- Dramatically increases security
Biometrics
Physical characteristics:
- Fingerprint scanning
- Facial recognition
- Iris/retina scanning
- Voice recognition
Advantages:
- Hard to forge
- Unique and permanent
- Can't forget
Disadvantages:
- Privacy concerns
- Fails on injury/aging
- Expensive systems
Access Control
Access control - Restrictions on who can access what
Authentication vs Authorization
- Authentication: "Are you who you claim?"
- Authorization: "Are you allowed to access this?"
User Permissions
File permissions:
- Read: View content
- Write: Modify content
- Execute: Run program
- Delete: Remove file
By type:
- Owner permissions
- Group permissions
- Others permissions
Example: chmod 755 (Unix)
- Owner: Read, Write, Execute
- Group: Read, Execute
- Others: Read, Execute
Firewalls
Firewall - Filters network traffic
Hardware Firewall
- Network level
- Protects entire network
- Examines packets
- Allows/blocks based on rules
Software Firewall
- Computer level
- Protects individual computer
- Monitors applications
- Allows/blocks connections per program
How it Works
Rules define:
- Allowed/blocked ports
- Allowed/blocked IP addresses
- Allowed/blocked applications
- Connection directions (inbound/outbound)
Filtering:
- Stateless: Each packet evaluated independently
- Stateful: Remembers established connections
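The difference between stateless and stateful filtering, as an added example that is not part of the original notes. The addresses, ports and the single "allow outbound HTTPS" rule are constructed for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    direction: str   # "out" = leaving the protected host, "in" = arriving
    src: str
    sport: int
    dst: str
    dport: int

HOST = "192.168.1.10"    # constructed internal address
SERVER = "203.0.113.5"   # constructed external address (documentation range)

def rule_allows(p: Packet) -> bool:
    """Static rule set: allow outbound HTTPS (port 443), block everything else."""
    return p.direction == "out" and p.dport == 443

class StatelessFirewall:
    """Evaluates each packet independently against the rules."""
    def allow(self, p: Packet) -> bool:
        return rule_allows(p)

class StatefulFirewall:
    """Also remembers connections opened by an allowed outbound packet."""
    def __init__(self):
        self.established = set()

    def allow(self, p: Packet) -> bool:
        if rule_allows(p):
            # Record the connection so that replies can be matched later.
            self.established.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Inbound packet: allow only if it reverses a remembered connection.
        reverse = (p.dst, p.dport, p.src, p.sport)
        return p.direction == "in" and reverse in self.established

def run(firewall, packets):
    """Return the allow/block decision for each packet, in order."""
    return [firewall.allow(p) for p in packets]

PACKETS = [  # constructed traffic
    Packet("out", HOST, 50000, SERVER, 443),         # host opens HTTPS connection
    Packet("in", SERVER, 443, HOST, 50000),          # server's reply
    Packet("in", "198.51.100.7", 443, HOST, 50001),  # unsolicited inbound packet
]

if __name__ == "__main__":
    print("stateless:", run(StatelessFirewall(), PACKETS))
    print("stateful: ", run(StatefulFirewall(), PACKETS))
```

With the same rule, the stateless filter drops the server's reply, while the stateful filter lets it through and still blocks the unsolicited packet. To pass replies, a stateless filter needs a broad rule such as "allow inbound from source port 443", which would also admit the third packet.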
Data Protection
Data Privacy
Principles:
- Only collect necessary data
- Protect confidentiality
- Allow access only to authorized users
- Respect user privacy rights
GDPR (General Data Protection Regulation)
EU regulation for personal data:
- Right to access data
- Right to deletion ("right to be forgotten")
- Transparency in data use
- Permission for data processing
- Penalties for breaches
Backup and Recovery
Importance:
- Protects against data loss
- Recovery from disasters
- Protection from ransomware
Types:
- Full backup: Copies all data
- Incremental: Only changes since last backup
- Differential: Changes since last full backup
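How incremental and differential backups differ in practice, as an added example that is not part of the original notes. It assumes one full backup on day 0 followed by one backup per day, uses constructed file names, and goes slightly beyond the notes by also showing which backup sets a restore needs.

```python
# Constructed change log: files modified on each day after the full backup
# taken on day 0.
CHANGES = {
    1: {"report.docx"},
    2: {"budget.xlsx"},
    3: {"report.docx", "photo.jpg"},
}

def incremental(changes):
    """Each day, copy only the files changed since the previous backup."""
    return {day: set(files) for day, files in sorted(changes.items())}

def differential(changes):
    """Each day, copy every file changed since the last full backup (day 0)."""
    copied, since_full = {}, set()
    for day, files in sorted(changes.items()):
        since_full |= files
        copied[day] = set(since_full)
    return copied

def files_copied(backups):
    """Total number of file copies written across all daily backups."""
    return sum(len(files) for files in backups.values())

def restore_sets(kind, day):
    """Backup sets needed to restore the state at the end of `day`."""
    if kind == "incremental":
        # The full backup plus every incremental since it, applied in order.
        return ["full"] + [f"inc{d}" for d in range(1, day + 1)]
    # The full backup plus only the most recent differential.
    return ["full", f"diff{day}"]

if __name__ == "__main__":
    for name, plan in (("incremental", incremental), ("differential", differential)):
        backups = plan(CHANGES)
        print(name, "copies per day:", {d: sorted(f) for d, f in backups.items()})
        print(name, "total copies:", files_copied(backups))
        print(name, "restore day 3 needs:", restore_sets(name, 3))
```

Incremental backups write less data each day but a restore needs every set since the full backup; differential backups grow each day but a restore needs only the full backup and the latest differential.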
Safe Practices
For Users
Passwords:
- Strong, unique passwords
- Never share passwords
- Regular changes
- Password manager use
Online Behavior:
- Verify website URLs
- Avoid public WiFi for sensitive data
- Treat suspicious links with caution
- Report suspicious activity
Software:
- Keep OS updated
- Install security patches
- Run antivirus/antimalware
- Avoid pirated software
For Organizations
Policies:
- Regular security training
- Password policies
- Acceptable use policies
- Incident response plans
Technical:
- Regular backups
- Network segmentation
- Access controls
- Monitoring and logging
Key Points
- Malware types: Virus, worm, trojan, spyware, ransomware
- Encryption: Symmetric (fast), Asymmetric (solves key distribution)
- Authentication: Passwords, MFA, biometrics
- Firewalls: Filter network traffic
- Data protection: Privacy, GDPR, backups
- Safe practices: Strong passwords, updates, behavior
- Social engineering: Manipulation tactics
- Access control: Permissions based on need
Practice Questions
- Explain malware types
- Compare encryption methods
- Describe authentication levels
- Explain firewall function
- Apply GDPR principles
- Design security policy
- Identify threats and defenses
Revision Tips
- Know malware types and effects
- Understand encryption methods
- Know authentication factors
- Understand firewall rules
- Know GDPR requirements
- Practice safe behavior
- Recognize social engineering