Hacking is the act of gaining unauthorised access to systems or data. It occurs by exploiting vulnerabilities, making system maintenance crucial.

Malware is software intentionally designed to cause harm or steal information. It succeeds by infiltrating systems and performing unwanted operations.

Phishing is a social engineering attack that uses deceptive messages to obtain private information. It relies on psychological manipulation rather than technical breaches.

Why is pharming dangerous?

Pharming redirects users to fraudulent websites without their knowledge. This makes it difficult for users to detect the attack and increases the likelihood of credential theft.

Why is user training effective against many data threats?

Many attacks rely on human error or trust to succeed. When users understand warning signs, they can avoid actions that allow attackers access.

How does malware disrupt system integrity?

Malware can alter, corrupt, or delete files without permission. This undermines data reliability and can prevent systems from functioning properly.

Why do attackers use social engineering?

Social engineering bypasses technical security by targeting humans directly. People are often the weakest link, making this strategy highly effective.

What mistake occurs when users do not verify URLs?

Failing to check URLs can lead users to enter information on fraudulent websites. This error enables pharming and phishing attacks to succeed without technical intrusion.

Why is opening unknown attachments a major risk?

Unknown attachments often contain malware disguised as harmless files. Opening them gives attackers a direct path into the system.

What is the key difference between phishing and pharming?

Phishing uses deceptive messages to trick users into giving information, while pharming redirects users to fake websites without their awareness. This distinction matters because phishing relies on user interaction whereas pharming manipulates technical settings.

Threats to Data | Cambridge International Examinations IGCSE ICT

1. Definition & Core Concepts

Threats to data refer to any event or technique that exposes information to unauthorised access, modification, destruction, or misuse. These threats undermine one or more pillars of information security: confidentiality, integrity, and availability, making data unreliable or exposed to misuse.
Technical threats exploit software or hardware vulnerabilities to infiltrate systems. They rely on weaknesses such as outdated security patches, unprotected networks, or poorly configured infrastructure, making them dangerous when organisations fail to maintain system hygiene.
Human-focused threats manipulate users into revealing information or granting access. These attacks target natural human tendencies—trust, urgency, or lack of attention—making social engineering one of the most common and effective approaches.
Malicious software (malware) is software intentionally designed to disrupt, damage, or gain unauthorised access to systems. It includes viruses, trojans, and spyware, each functioning in different ways but sharing the goal of compromising data security.

A diagram showing data at the center with a threat source pointing toward it.

2. Underlying Principles

Confidentiality principle states that data should only be accessible to authorised individuals. Threats such as hacking, phishing, or spyware violate this principle by exposing private information to outsiders.
Integrity principle ensures data remains unaltered unless changed through legitimate actions. Malware such as viruses or trojans threatens integrity by corrupting or modifying files without permission.
Availability principle ensures that systems and data are accessible when needed. Threats like malware-induced crashes or redirected websites interrupt normal access, reducing the ability to use systems effectively.
Authentication and verification underpin modern security practices. When attackers imitate trusted sources or bypass authentication, they directly attack the mechanism that confirms a user's identity.

3. Methods & Techniques

Hacking techniques exploit weaknesses such as outdated software, weak passwords, or badly configured networks to access data. Attackers often use automated tools and scripts, making prevention reliant on strengthening system defences.
Phishing methods deceive users through fake messages that imitate legitimate organisations. These messages often create urgency or fear to trick users into revealing sensitive information through fraudulent links or forms.
Pharming attacks redirect users from legitimate websites to fake ones by tampering with browser or DNS settings. This makes verification of web addresses and secure connections essential for preventing credential theft.
Smishing and vishing techniques extend phishing to SMS and voice calls, using crafted messages or impersonated calls to trick victims. These methods exploit trust and real-time communication, requiring users to verify identities before sharing information.
Malware deployment involves embedding harmful software into attachments, fake apps, or compromised websites. Each type—virus, trojan, spyware—operates differently, but all aim to infiltrate devices and harvest or damage data.

4. Key Distinctions

Comparison of Major Threat Types

Feature	Hacking	Phishing	Malware	Pharming
Primary method	Technical exploitation	Social manipulation	Malicious software	Redirecting websites
User interaction required	Usually low	High	Medium	Low
Main target	Systems & networks	Personal information	Device integrity	Login credentials
Prevention focus	Hardening systems	Training users	Protective software	Checking secure URLs

Active vs. passive threats differentiate whether the attacker directly manipulates systems or simply observes. Spyware and keylogging are passive in nature, silently collecting information, whereas viruses and trojans actively disrupt systems.
Social engineering vs. technical exploitation distinguishes attacks based on their primary entry point. Social engineering preys on human error, while technical exploitation targets system vulnerabilities, requiring different prevention strategies.

5. Exam Strategy & Tips

Identify the attack vector by looking for clues about whether the threat targets humans or technology. Exam questions often embed these hints in scenarios, and recognizing them helps in choosing the correct threat category.
Look for specific symptoms such as redirected websites, fake messages, or system slowdowns. Linking symptoms to threat types is a common exam task and helps in giving precise answers.
Match the prevention method correctly by pairing security solutions with threats they best mitigate. For example, firewalls address external intrusions, while anti-malware tools protect against malicious software.
Use terminology precisely such as 'unauthorised access', 'identity theft', or 'malicious redirection'. Formal vocabulary is expected in exam responses and improves clarity and accuracy.

6. Common Pitfalls & Misconceptions

Confusing phishing with pharming is common because both aim to steal credentials. The key difference is that phishing relies on fake communication, while pharming uses website redirection, and mixing them up leads to incorrect explanations.
Assuming all malware behaves the same leads to vague or incorrect answers. Each type—virus, trojan, spyware—has distinct behaviours, and mixing them weakens technical accuracy in responses.
Believing strong passwords alone stop hacking oversimplifies security. Passwords help, but hacking often exploits unpatched software or misconfigured systems, so answers must show understanding of multi-layered defence.
Overlooking human error leads to incomplete solutions. Many threats succeed because of user actions, so prevention strategies must include user education, not just technical tools.

7. Connections & Extensions

Data protection practices such as encryption and authentication directly mitigate the risks posed by data threats. Understanding threats helps explain why these protective methods are necessary and how they are applied in real systems.
Cybersecurity policies build on knowledge of threat behaviour to create protocols such as password requirements, network monitoring, and software update schedules. These policies translate theory into organisational practice.
Emerging threats evolve from the same fundamental principles but use more advanced technologies such as AI-driven phishing or automated malware. Recognising core concepts helps students adapt to evolving cybersecurity landscapes.

Threats to Data

Summary

1. Definition & Core Concepts

2. Underlying Principles

3. Methods & Techniques

4. Key Distinctions

5. Exam Strategy & Tips

6. Common Pitfalls & Misconceptions

7. Connections & Extensions

Threats to Data

Summary

1. Definition & Core Concepts

2. Underlying Principles

3. Methods & Techniques

4. Key Distinctions

Comparison of Major Threat Types

5. Exam Strategy & Tips

6. Common Pitfalls & Misconceptions

7. Connections & Extensions

Comparison of Major Threat Types