Malware (Edexcel GCSE Computer Science): Revision Notes
Threats to digital systems - Malware
What is a cyberattack?
A cyberattack happens when a hacker tries to break into a digital system without permission. Their main goals are usually to cause damage to the system or steal valuable data from it. Think of it like someone trying to break into your house - but instead of your physical home, they're targeting your computer, phone, or other digital devices.
Cyberattacks are becoming increasingly common and sophisticated, affecting individuals, businesses, and even government organisations. Understanding these threats is the first step in protecting yourself and your data.
Understanding malware
Malware is simply a term that covers all types of harmful software designed to damage or infiltrate computer systems. The word comes from combining "malicious" and "software."
While some skilled hackers can create their own malware from scratch, most cybercriminals actually download pre-made malicious code from the internet. This makes it easier for people with limited technical skills to launch attacks.
Most devices become infected when users accidentally click on email attachments that seem harmless, or when they visit websites that look legitimate but are actually designed to install malware on their device.
Types of malware and how they work

Let's break down the main categories of malware that hackers use:
Viruses and worms
Viruses are sneaky pieces of code that hide inside legitimate programs on your computer. They stay dormant until their "host" program runs, then they spring into action by making copies of themselves and trying to infect other programs. Viruses commonly spread through email attachments, messaging apps, and social media links.
Worms are similar to viruses but much more aggressive. Unlike viruses, worms don't need to attach themselves to other programs - they can move independently from device to device across networks. This means they can infect entire computer networks very quickly, causing widespread damage.
Both viruses and worms can make your computer run slowly, crash frequently, or even delete important files from your hard drive. The key difference is that worms can spread automatically without any user interaction.
Trojans and ransomware
Trojans are named after the famous Trojan horse from ancient history - they pretend to be helpful software that users want to install. However, once installed, they create a "backdoor" that gives hackers secret access to your computer. The hacker can then browse through your files and access other devices on your network.
Trojans are often used to deliver ransomware, which is particularly nasty malware that encrypts (locks) all your files. The hacker then demands payment (a ransom) in exchange for the key to decrypt your files. Even if you pay, there's no guarantee they'll actually unlock your files.
Never pay ransomware demands. There's no guarantee you'll get your files back, and paying only encourages more attacks. Instead, focus on prevention through regular backups and security measures.
Keyloggers
Keyloggers work like invisible spies that record every keystroke you make on your computer. This means they can capture sensitive information like passwords, credit card numbers, and personal messages without you realising it. The information is then sent secretly to the hacker.
Keyloggers can be particularly dangerous because they operate silently in the background, making them very difficult to detect without proper security software.
IoT botnets
The Internet of Things (IoT) refers to everyday devices that connect to the internet, such as security cameras, fitness trackers, smart TVs, and baby monitors. Hackers target these devices because they often have weak security settings.
When multiple IoT devices get infected, hackers can control them all together to create a botnet - essentially an army of zombie devices. These botnets are used to launch Distributed Denial of Service (DDoS) attacks, where they flood websites or networks with so much traffic that they crash.
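How a website's defenders can tell a botnet flood apart from one noisy computer, shown as an added Python example that is not part of the original notes. The window length, the request limit and the sample traffic (built from reserved documentation IP addresses) are all assumptions made up for the illustration.

```python
from collections import Counter, defaultdict

WINDOW = 10         # seconds per counting window (assumed value)
MAX_REQUESTS = 100  # requests per window the site can serve (assumed value)

def classify_windows(requests, window=WINDOW, max_requests=MAX_REQUESTS):
    """Group (timestamp, source_ip) pairs into windows and label each one."""
    per_window = defaultdict(Counter)
    for timestamp, source in requests:
        start = int(timestamp // window) * window
        per_window[start][source] += 1

    verdicts = {}
    for start in sorted(per_window):
        sources = per_window[start]
        total = sum(sources.values())
        busiest_ip, busiest_count = sources.most_common(1)[0]
        if total <= max_requests:
            verdicts[start] = "normal"
        elif busiest_count > total / 2:
            # One address causes most of the load: blocking it fixes the problem.
            verdicts[start] = f"single-source flood from {busiest_ip}"
        else:
            # Load is spread across many addresses, as with a botnet.
            verdicts[start] = f"distributed flood from {len(sources)} sources"
    return verdicts

def build_sample_log():
    """Constructed traffic using reserved documentation IP addresses."""
    log = []
    # 0-9 s: five ordinary visitors, six requests each (30 total).
    for visitor in range(5):
        log += [(t, f"192.0.2.{visitor + 1}") for t in range(6)]
    # 10-19 s: one machine sends 200 requests, plus 20 ordinary ones.
    log += [(10 + i * 0.05, "203.0.113.9") for i in range(200)]
    log += [(10 + i * 0.4, f"192.0.2.{i % 5 + 1}") for i in range(20)]
    # 20-29 s: 150 devices send only two requests each (300 total).
    for device in range(150):
        log += [(20 + n * 4, f"198.51.100.{device + 1}") for n in range(2)]
    return log

if __name__ == "__main__":
    for start, verdict in classify_windows(build_sample_log()).items():
        print(f"{start:>3}s  {verdict}")
```

In the last window no single device looks suspicious on its own, which is why a distributed attack is much harder to block than a flood from one address.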
Types of hackers
Not all hackers are criminals. Black-hat hackers are the ones who break into systems illegally to cause harm or steal information. However, white-hat hackers are actually cybersecurity professionals who help organisations find and fix security weaknesses before the bad guys can exploit them.
Real-world example: Smart home vulnerabilities
Real-World Security Vulnerability: Default Passwords
Many smart home devices come with default passwords set by the manufacturer (like "admin" or "password123"). If users don't change these default passwords, hackers can easily access these devices using simple scripts they find online.
This is why it's crucial to always change default passwords on any IoT device you buy - it's one of the simplest ways to protect yourself from cyberattacks.
Key Points to Remember:
- Cyberattacks aim to gain unauthorised access to digital systems to cause damage or steal data
- Malware is any malicious software designed to harm computers or networks
- Viruses hide in programs, worms spread independently, Trojans disguise themselves as legitimate software, and keyloggers secretly record what you type
- IoT botnets turn innocent smart devices into zombie networks used for attacks
- Always change default passwords on smart devices and be careful about clicking suspicious links or attachments
- White-hat hackers help improve security, while black-hat hackers commit cybercrimes