What kinds of attack threaten computer systems?
Understand the main cyber security threats, including the difference between vulnerabilities and attacks, and forms such as brute-force and denial-of-service attacks.
A focused answer to AQA GCSE Computer Science 3.6, covering the main cyber security threats, the difference between vulnerabilities and attacks, and forms such as brute-force and denial-of-service attacks.
Reviewed by: AI editorial process; not yet individually human-reviewed
What this dot point is asking
AQA wants you to understand what cyber security threats are, distinguish a vulnerability from an attack, and describe common forms of attack such as brute-force and denial-of-service.
Vulnerabilities and attacks
The distinction matters because the two need different responses: vulnerabilities are reduced by good design and maintenance (strong passwords, updates, training), while attacks are detected and blocked as they happen (monitoring, firewalls, account lockouts). A vulnerability that is never exploited causes no harm, but it remains a risk until it is fixed.
Brute-force attacks
The reason password length matters so much is that each extra character multiplies the number of combinations an attacker must try, so a long password can take an infeasibly long time to crack even at high speed.
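The growth in combinations, and the login-attempt lockout this page gives as a countermeasure, as an added example that is not part of the original page. The 26-letter alphabet, the rate of one billion guesses per second, the sample password and the names keyspace, worst_case_years and LoginGuard are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of different passwords of exactly `length` characters."""
    return alphabet_size ** length

def worst_case_years(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Time to try every combination at an assumed, constant guess rate."""
    return keyspace(alphabet_size, length) / guesses_per_second / (365 * 24 * 3600)

class LoginGuard:
    """Hypothetical account that locks after `max_failures` wrong passwords in a row."""

    def __init__(self, password: str, max_failures: int = 3):
        self._salt = os.urandom(16)
        self._stored = self._hash(password)    # store a salted hash, not the password
        self.max_failures = max_failures
        self.failures = 0

    def _hash(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 10_000)

    @property
    def locked(self) -> bool:
        return self.failures >= self.max_failures

    def attempt(self, guess: str) -> str:
        if self.locked:                        # once locked, even the right password is refused
            return "locked"
        if hmac.compare_digest(self._hash(guess), self._stored):
            self.failures = 0                  # a successful login resets the counter
            return "ok"
        self.failures += 1
        return "locked" if self.locked else "wrong"

if __name__ == "__main__":
    for length in (4, 8, 12):                  # lowercase letters only: 26 symbols (assumed)
        years = worst_case_years(26, length, 1e9)   # 1e9 guesses/second is an assumption
        print(length, keyspace(26, length), f"{years:.3g} years")
    guard = LoginGuard("zebra")                # constructed sample password
    print([guard.attempt(g) for g in ("aaaaa", "aaaab", "aaaac", "zebra")])
```

With a lockout in place the number of combinations stops being the only limit: the account refuses further attempts after the third wrong guess, however fast the guesses arrive.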
Denial-of-service attacks
Other threats
Threats also include data interception (capturing data as it travels over a network, defended by encryption), SQL injection (entering malicious SQL into an input box to attack a database), and weaknesses caused by people, such as poor passwords or falling for scams.
SQL injection and data interception
Two more threats AQA expects you to recognise. SQL injection targets databases through web forms: if an input box passes whatever the user types straight into a database query, an attacker can type SQL commands that change the query's meaning, for example to reveal or delete data they should not see. It is prevented by validating and sanitising inputs so they are treated as data, not commands. Data interception is capturing data as it crosses a network (eavesdropping on packets), which is why encryption is used so that intercepted data cannot be read. Both show that attacks exploit specific weaknesses, and each has a matching defence, which is the pattern good answers follow.
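The weakness and its defence side by side, as an added example that is not part of the original page. It uses an in-memory SQLite database; the students table, its rows, the crafted input and the function names are constructed for illustration, and the parameterised query is one common way of making the database treat input as data.

```python
import re
import sqlite3

def make_db() -> sqlite3.Connection:
    """Build a small in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (username TEXT, grade TEXT)")
    db.executemany("INSERT INTO students VALUES (?, ?)",
                   [("alice", "A"), ("bob", "C"), ("carol", "B")])
    return db

def lookup_vulnerable(db, username: str):
    # WEAKNESS: the input is pasted into the SQL text, so quote characters
    # typed by the user become part of the command itself.
    query = "SELECT username, grade FROM students WHERE username = '" + username + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, username: str):
    # DEFENCE: the ? placeholder sends the input separately from the SQL text,
    # so the database only ever compares it as a value.
    return db.execute(
        "SELECT username, grade FROM students WHERE username = ?", (username,)
    ).fetchall()

def valid_username(username: str) -> bool:
    # Validation as a second layer: allow only letters, digits and underscore.
    return re.fullmatch(r"[A-Za-z0-9_]{1,20}", username) is not None

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"                   # constructed input that changes the query's meaning
    print("vulnerable:", lookup_vulnerable(db, crafted))   # every row is revealed
    print("safe:      ", lookup_safe(db, crafted))         # no user has that name
    print("validated: ", valid_username(crafted))          # rejected before any query runs
    print("normal use:", lookup_safe(db, "bob"))
```

The vulnerable function returns all three rows because the condition now reads username = 'x' OR '1'='1', which is true for every row; the safe function looks for a user literally called x' OR '1'='1 and finds none.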
Try this
Q1. State the difference between a vulnerability and an attack. [2 marks]
- Cue. A vulnerability is a weakness that could be exploited; an attack is the deliberate act of exploiting it.
Q2. Describe what a denial-of-service attack does. [2 marks]
- Cue. It floods a system with requests so it cannot respond to genuine users, stopping or slowing the service.
Exam-style practice questions
Practice questions written in the style of AQA exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
AQA 2019, 4 marks. Explain the difference between a vulnerability and an attack, and describe how a brute-force attack works, including one way to make it harder.
A vulnerability is a weakness in a system that could be exploited, such as a weak password or unpatched software; an attack is the deliberate act of exploiting a vulnerability to gain access, steal data or disrupt the system. The vulnerability is the opening; the attack is using it.
A brute-force attack tries many possible passwords or keys automatically, one after another, until the correct one is found. It is made much harder by requiring long, complex passwords (so there are far more combinations to try) and by limiting the number of login attempts before locking the account.
Markers reward the weakness-versus-act distinction, a correct description of brute-force (systematic trial of combinations), and a valid countermeasure.
AQA 2022, 4 marks. A website is hit by a denial-of-service attack. Describe what this attack does and its effect on legitimate users, and explain why it is described as distributed when many computers are involved.
A denial-of-service (DoS) attack floods a server or system with so many requests that it cannot cope, so it slows down or stops responding. The effect on legitimate users is that they cannot access the service, because the server is too busy handling the flood to serve genuine requests.
It is described as distributed (DDoS) when the flood comes from many computers at once, often a botnet of infected machines, which makes far more traffic and makes the attack harder to block because it does not come from a single source that can simply be filtered out.
Markers reward the overload mechanism, the effect (genuine users locked out), and the meaning of distributed (many sources, harder to stop).
Related dot points
- Understand what malware is and the main forms, including viruses, worms, trojans, spyware and ransomware, and the harm each can cause.
A focused answer to AQA GCSE Computer Science 3.6, covering what malware is and the main forms (viruses, worms, trojans, spyware and ransomware) and the harm each can cause.
- Understand social engineering, including phishing, shouldering and pretexting, and why people are often the weakest point in security.
A focused answer to AQA GCSE Computer Science 3.6, covering social engineering, including phishing, shouldering and pretexting, and why people are often the weakest point in security.
- Understand the methods used to detect and prevent cyber security threats, including penetration testing, anti-malware, firewalls, user access levels, passwords and encryption.
A focused answer to AQA GCSE Computer Science 3.6, covering the methods used to detect and prevent cyber security threats, including penetration testing, anti-malware, firewalls, user access levels, passwords and encryption.
- Understand the methods used to keep a network secure, including authentication, encryption, firewalls and MAC address filtering.
A focused answer to AQA GCSE Computer Science 3.5.4, covering the methods used to keep a network secure, including authentication, encryption, firewalls and MAC address filtering.
Sources & how we know this
- AQA GCSE Computer Science (8525) specification — AQA (2020)