Network Security Threats Overview

Overview

This lecture introduces key types of network security threats, describing their methods and impacts, with examples relevant for GCSE-level exams.

Malware is software designed to infect computers and commit crimes like fraud or identity theft.
Trojans are malicious programs disguised as legitimate software or files, often spread via email, messaging, or downloads.
Phishing is an online fraud tactic involving fake messages from trusted sources to trick users into giving personal information.
Brute-force attacks use automated trial-and-error attempts to crack passwords or encryption keys.
Denial-of-service (DoS) attacks flood servers with traffic, making them unable to respond to legitimate requests.
Distributed denial-of-service (DDoS) attacks use multiple compromised systems, or "zombies," to overwhelm a target.
Data interception and theft involve monitoring and capturing network traffic to steal sensitive data.
Sniffing is the act of eavesdropping on network traffic, often used to capture plain-text passwords or configuration data.
SQL injection exploits insecure coding in database applications to execute malicious code via input boxes.

Malware — Software intended to damage or exploit computers and networks.
Trojan — A type of malware disguised as legitimate software.
Phishing — Deceptive communication designed to steal personal information by appearing trustworthy.
Brute-force attack — Method of cracking passwords or keys using automated, exhaustive attempts.
Denial of Service (DoS) — Overloading a server with fake traffic to disrupt service.
Distributed Denial of Service (DDoS) — DoS attacks launched from multiple compromised systems.
Data interception — Unauthorized capturing of data as it travels across a network.
Sniffing — Monitoring network traffic to extract sensitive information.
SQL injection — Inserting malicious code into database queries via unsecured input fields.