IT 9626 AS Level: Comprehensive Study Notes for eSecurity (Topic 5)
Welcome to the eSecurity chapter! This is one of the most critical and relatable topics in the IT syllabus. Why? Because you interact with online systems every single day, and understanding how to protect data—both yours and an organisation's—is essential for surviving in the digital world.
Don't worry if terms like 'phishing' and 'ransomware' sound intimidating. We'll break down the bad guys, their tricks, and the high-tech defenses used to keep information safe. Let's make you an eSecurity expert!
5.1 Personal Data Security and Confidentiality
What is Personal Data?
Personal data refers to any information that can be used to identify an individual. Protecting this data is the core of eSecurity.
Examples include: Names, addresses, email addresses, phone numbers, location data, bank details, and unique identification numbers (like national ID numbers).
Keeping Data Secure and Confidential
Confidentiality means ensuring that data is only accessible to those who are authorised to see it. It's like locking your diary away.
Why is personal data kept confidential?
- To prevent fraud or identity theft.
- To comply with legal requirements (data protection laws).
- To maintain customer trust and protect an organisation's reputation.
Methods to Ensure Confidentiality
Keeping personal information confidential involves careful handling, not just technological fixes.
- Removal of Geotags: Geotags are location data automatically embedded in photos and videos (metadata). Removing these prevents unauthorized persons from knowing where the media was taken.
- Anonymising Information: Stripping away direct identifiers (like names or ID numbers) from data sets, making it impossible to trace the data back to an individual.
- Aggregating Information: Combining data into large groups so that individual pieces of data cannot be identified. Example: Instead of reporting "John, age 35, bought a car," a report says "15% of customers aged 30–40 bought cars."
- Duty of Confidence Measures: This is a legal or contractual obligation where employees are bound not to disclose sensitive information learned during their work.
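Anonymising and aggregating, worked through as an added example (not part of these notes or any exam board material). The customer records, the identifier field names and the age-band widths are all constructed; the small-group suppression step is an extra precaution the notes do not spell out, added because a statistic about one or two people still identifies them.

```python
from collections import defaultdict

# Constructed customer records (not real people). The identifier fields are
# exactly what the anonymisation step must strip before any sharing.
CUSTOMERS = [
    {"name": "John",  "national_id": "ID-1001", "age": 35, "bought_car": True},
    {"name": "Asha",  "national_id": "ID-1002", "age": 38, "bought_car": False},
    {"name": "Wei",   "national_id": "ID-1003", "age": 31, "bought_car": False},
    {"name": "Maria", "national_id": "ID-1004", "age": 39, "bought_car": False},
    {"name": "Omar",  "national_id": "ID-1005", "age": 42, "bought_car": True},
    {"name": "Lena",  "national_id": "ID-1006", "age": 47, "bought_car": False},
]

# Field names assumed for this example; a real data set would list its own.
DIRECT_IDENTIFIERS = {"name", "national_id", "email", "phone", "address"}


def anonymise(records):
    """Return copies of the records with every direct identifier removed."""
    return [{k: v for k, v in r.items() if k not in DIRECT_IDENTIFIERS}
            for r in records]


def age_band(age, width=10):
    """Map an exact age to a band such as '30-39' (less precise, so safer)."""
    low = (age // width) * width
    return f"{low}-{low + width - 1}"


def aggregate(records, min_group=3):
    """Report, per age band, the share of customers who bought a car.

    Bands with fewer than min_group people are suppressed: a figure about a
    group of one or two is effectively still a statement about an individual.
    """
    totals = defaultdict(lambda: [0, 0])          # band -> [people, buyers]
    for r in records:
        entry = totals[age_band(r["age"])]
        entry[0] += 1
        entry[1] += int(r["bought_car"])
    report = {}
    for band, (people, buyers) in sorted(totals.items()):
        if people < min_group:
            report[band] = "suppressed (group too small)"
        else:
            report[band] = f"{round(100 * buyers / people)}% bought a car (n={people})"
    return report


if __name__ == "__main__":
    for band, line in aggregate(anonymise(CUSTOMERS)).items():
        print(band, line)
```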
Preventing Misuse of Personal Data
Misuse often happens when unauthorised people gain access to information. Prevention relies heavily on strong network security measures.
Unauthorised Data Gathering (Social Engineering)
These are methods where malicious actors trick individuals into giving up their data.
- Phishing: Sending fraudulent emails that look like they come from a legitimate source (e.g., your bank) to trick you into entering login details on a fake website. Think: Email scams.
- Vishing: Phishing conducted over the phone (Voice Phishing). The caller pretends to be a trusted entity, like a tech support agent, to gain access to financial information.
- Smishing: Phishing conducted via SMS text messages (Short Message Service Phishing). They often contain urgent links requiring immediate action.
- Pharming: A more sinister attack where malicious code redirects a user to a fake website, even if the user types the correct web address. It does this by corrupting the DNS lookup, either on the user's own machine or at the DNS server.
Memory Aid: P(hishing) = PC/Email; V(ishing) = Voice/Phone; S(mishing) = SMS; Ph(arming) = Fake website redirection.
Key Prevention Technology: Firewalls
A firewall acts as a barrier between your internal network/computer and the external internet. It inspects data packets and blocks those that don't meet a specific set of security rules.
- Hardware Firewalls: Dedicated physical devices (like those built into routers) that protect the entire network. They are generally more robust and manage heavy traffic.
- Software Firewalls: Programs installed on individual computers that protect that specific machine.
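How a firewall applies "a specific set of security rules" to packets, as an added example (not from these notes or any firewall product). The rules, addresses and ports are constructed; the example assumes a common convention that rules are checked top to bottom, the first match wins, and an unmatched packet is dropped. It also shows the misconfiguration the review table warns about: moving the catch-all deny to the top blocks legitimate traffic.

```python
import ipaddress

# Constructed rule set (not from any real firewall). Rules are checked top to
# bottom, the first match decides, and a packet that matches nothing is
# dropped (default deny). None means "any value".
RULES = [
    {"action": "allow", "src": "192.168.1.0/24", "proto": "tcp", "dst_port": 443},
    {"action": "allow", "src": "192.168.1.0/24", "proto": "tcp", "dst_port": 80},
    {"action": "deny",  "src": "0.0.0.0/0",      "proto": None,  "dst_port": None},
]


def matches(rule, packet):
    """True when every field the rule specifies agrees with the packet."""
    if ipaddress.ip_address(packet["src"]) not in ipaddress.ip_network(rule["src"]):
        return False
    if rule["proto"] is not None and rule["proto"] != packet["proto"]:
        return False
    if rule["dst_port"] is not None and rule["dst_port"] != packet["dst_port"]:
        return False
    return True


def filter_packet(packet, rules=RULES):
    """Return 'allow' or 'deny' for one packet header."""
    for rule in rules:
        if matches(rule, packet):
            return rule["action"]
    return "deny"  # nothing matched: default deny


# Constructed packet headers (source address, protocol, destination port only).
PACKETS = {
    "lan_https":  {"src": "192.168.1.20", "proto": "tcp", "dst_port": 443},
    "lan_telnet": {"src": "192.168.1.20", "proto": "tcp", "dst_port": 23},
    "wan_https":  {"src": "203.0.113.9",  "proto": "tcp", "dst_port": 443},
}

# Misconfiguration: the same rules with the catch-all deny moved to the top
# block every packet, legitimate HTTPS from the LAN included.
MISORDERED = [RULES[2], RULES[0], RULES[1]]

if __name__ == "__main__":
    for name, pkt in PACKETS.items():
        print(name, filter_packet(pkt), filter_packet(pkt, MISORDERED))
```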
Quick Review: Advantages/Disadvantages of Prevention Methods
| Method | Advantages | Disadvantages |
|---|---|---|
| Anonymising/Aggregating | Protects mass data; useful for statistical analysis. | Can reduce the detail/completeness of information; complex to implement correctly. |
| Firewalls | Essential first line of defence; highly configurable rules. | Can slow down network traffic; incorrect configuration might block legitimate traffic. |
| User Training | Highly effective against social engineering (e.g., phishing). | Requires constant updating; people may forget or ignore advice. |
Key Takeaway (Section 5.1)
eSecurity for personal data relies on layers: proper procedures (like anonymising) combined with technical barriers (like firewalls). The biggest weakness is often the human element, which is exploited by social engineering attacks like phishing and vishing.
5.2 Malware: Types and Prevention
What is Malware?
Malware is short for Malicious Software. It is any software specifically designed to disrupt, damage, or gain unauthorised access to a computer system.
Uses and Intentions of Malware
Malware is deployed for specific harmful purposes:
- Fraud: Using a victim's system or credentials to commit financial deceit.
- Theft: Stealing sensitive data (e.g., credit card numbers, trade secrets).
- Industrial Espionage: Stealing secrets or proprietary information from competing organisations.
- Sabotage: Deliberately destroying or corrupting an organisation’s IT systems and data.
The Seven Deadly Types of Malware (Syllabus List)
It is crucial to know the difference between the main types of malware, especially how they spread or how they function.
Types of Malware:
- Trojan (Trojan Horse): Malware disguised as legitimate software. It requires the user to execute it willingly. It does not self-replicate.
- Worms: Standalone malicious programs that self-replicate and spread across networks without needing a host program or user interaction. They consume bandwidth quickly.
- Spyware: Secretly monitors user activity (e.g., keystrokes, website visits) and reports this data back to the perpetrator.
- Adware: Automatically delivers unwanted advertisements, often bundled with free software. While annoying, it may also track data for targeted advertising.
- Rootkit: A collection of tools designed to hide the presence of other malicious software (like a virus or a worm) and allow the attacker continuous, privileged access to a computer.
- Malicious Bots: Automated software agents that perform tasks dictated by an attacker. Often used in large groups called botnets to launch massive attacks like Denial of Service (DoS).
- Ransomware: Malware that encrypts a victim's files, preventing access until a ransom (payment) is paid, usually in cryptocurrency.
Did you know? The name "Trojan Horse" comes from Greek mythology, where Greek soldiers hid inside a giant wooden horse, which was then wheeled into the city of Troy. Just like the mythological horse, the software appears harmless until it is inside the system.
Consequences of Malware
The effects of an attack can be severe for both parties:
- For Individuals: Financial loss (stolen bank details, ransomware payments), identity theft, loss of personal files/photos, and distress.
- For Organisations: Loss of intellectual property, significant financial costs (to clean up the breach and pay fines), system downtime, legal liability, and irreparable damage to reputation.
Malware Prevention Methods
Prevention strategies include both software and physical measures:
Software Prevention Methods:
- Anti-virus Software: Scans files and programs for known signatures of malware and quarantines or removes the threat.
- Anti-spyware Software: Specifically targets programs that monitor and track user activity.
- Regular Updates/Patching: Ensures operating systems and applications have the latest security fixes, closing known vulnerabilities that malware exploits.
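Signature scanning as an added example (not from these notes or any anti-virus product). The "malware" contents, hashes and byte patterns are all constructed; the point it shows is the review table's caveat: an exact-hash signature misses a file changed by one byte, a byte-pattern signature catches that variant, and a brand-new threat with no signature at all gets through either way.

```python
import hashlib

# Constructed signature database: no real malware hashes or patterns.
# A hash signature matches one exact file; a byte-pattern signature matches
# any file that contains a known fragment of malicious code.
HASH_SIGNATURES = {
    hashlib.sha256(b"EVIL_PAYLOAD_V1: delete everything").hexdigest(): "worm.demo.v1",
}
PATTERN_SIGNATURES = {
    b"EVIL_PAYLOAD": "demo.family",
}


def scan(data, hashes=HASH_SIGNATURES, patterns=PATTERN_SIGNATURES):
    """Return (signature_name, method) for a known threat, or None if unknown."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in hashes:
        return hashes[digest], "hash"
    for fragment, name in patterns.items():
        if fragment in data:
            return name, "pattern"
    return None  # no signature matched: either clean or a zero-day


def scan_files(files):
    """Split {filename: bytes} into quarantined (with reason) and clean names."""
    quarantined, clean = [], []
    for name, data in files.items():
        result = scan(data)
        if result:
            quarantined.append((name, result[0], result[1]))
        else:
            clean.append(name)
    return quarantined, clean


# Constructed files: an exact known sample, a variant with two bytes added, a
# brand-new threat no signature describes yet, and a harmless document.
FILES = {
    "update.exe":  b"EVIL_PAYLOAD_V1: delete everything",
    "update2.exe": b"EVIL_PAYLOAD_V1: delete everything!!",
    "invoice.exe": b"NEW_PAYLOAD: nothing in the database knows me",
    "report.docx": b"Quarterly figures",
}

if __name__ == "__main__":
    print(scan_files(FILES))
```

Because "invoice.exe" lands in the clean list, this is also why patching and user training sit beside anti-virus in the notes rather than being replaced by it.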
Physical Prevention Methods:
Physical security often protects against the installation or spread of malware via hardware.
- Physical Separation/Air Gaps: Keeping critical systems completely disconnected from public networks (the internet or general local network). This means malware cannot jump across the "air gap."
- Controlling Access Points: Locking down ports (like USB or network ports) to prevent employees or outsiders from physically plugging in infected external devices.
Quick Review: Advantages/Disadvantages of Malware Prevention
| Method | Advantages | Disadvantages |
|---|---|---|
| Anti-virus Software | Provides strong defence against known threats; often runs automatically. | Must be regularly updated; may fail to detect zero-day (new, unknown) threats; can consume system resources. |
| Physical Isolation | Provides ultimate protection for critical data (air gap). | Highly impractical for daily operational systems that require internet access; difficult to transfer files legitimately. |
Key Takeaway (Section 5.2)
Malware is varied, with each type designed for a specific attack style (e.g., worms spread, Trojans trick, ransomware locks). Effective defence requires a multi-layered approach: good software (anti-virus) and good physical procedures (limiting access).