What threats do malware and social engineering pose to digital systems, and how are systems and data protected?
Understand the threat to digital systems posed by malware (viruses, worms, Trojans, ransomware, key loggers), how hackers exploit technical vulnerabilities and use social engineering, and methods of protecting digital systems and data (anti-malware, encryption, acceptable use policies, backup and recovery).
A focused answer to Edexcel GCSE Computer Science 5.3.1 and 5.3.2, covering malware (viruses, worms, Trojans, ransomware, key loggers), how hackers exploit vulnerabilities and use social engineering, and protection methods (anti-malware, encryption, acceptable use policies, backup and recovery).
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
Edexcel wants you to describe the threats from malware (viruses, worms, Trojans, ransomware, key loggers), how hackers exploit technical vulnerabilities and social engineering, and the methods of protecting systems and data (anti-malware, encryption, acceptable use policies, backup and recovery).
Malware
The exam discriminators matter. The classic one is virus versus worm: a virus needs to attach to a file and be run by the user, whereas a worm self-replicates across networks on its own. A Trojan is defined by disguise (it pretends to be legitimate). Ransomware is defined by encrypt-and-demand-payment. A key logger is defined by recording keystrokes. Knowing each by its distinctive behaviour lets you answer "which malware" and "describe the difference" questions.
How hackers attack
There are two routes in: the technology and the people. Technically, software that has not been updated may contain known weaknesses that attackers exploit, which is why keeping software and anti-malware up to date matters. But often the easier route is the people: social engineering manipulates users into handing over passwords or clicking malicious links. Phishing emails or messages that look legitimate are the classic example, persuading the victim to reveal details or install malware. Because it targets human trust, no purely technical defence fully stops social engineering, training is essential.
Protecting systems and data
These defend in different ways. Anti-malware stops and removes malicious software. Encryption protects the confidentiality of data, so even if it is stolen it cannot be read without the key (vital for personal and financial data). Acceptable use policies and training address the human factor, reducing the chance of social engineering succeeding. Backup and recovery is the safety net: if data is lost, corrupted or held to ransom, recent backups let it be restored without paying a ransom. Layering these gives strong protection.
Try this
Q1. State what ransomware does. [1 mark]
- Cue. It encrypts the victim's files (or locks the system) and demands a payment for the decryption key.
Q2. State one method of protecting data so it is unreadable if stolen. [1 mark]
- Cue. Encryption (scrambling the data so it cannot be read without the key).
Exam-style practice questions
Practice questions written in the style of Pearson Edexcel exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
Edexcel 20224 marksDescribe the difference between a computer virus and a worm, and explain what ransomware does.Show worked answer →
A virus is malware that attaches itself to a file or program and spreads when that infected file is opened or run by a user; it needs the user to run the host file to spread.
A worm is malware that spreads by itself across networks without needing to attach to a file or be run by a user, replicating automatically, which lets it spread very quickly.
Ransomware is malware that encrypts the victim's files (or locks the system) and then demands a payment (a ransom) for the decryption key to restore access.
Markers reward the key difference (a virus attaches to a file and needs the user to run it; a worm self-replicates across networks without a host or user action) and a correct description of ransomware (encrypts or locks data and demands payment).
Edexcel 20214 marksExplain what social engineering is and describe one protection method an organisation could use to reduce the risk it poses.Show worked answer →
Social engineering is manipulating or tricking people into giving away confidential information or access (for example through phishing emails pretending to be from a trusted source), exploiting human trust rather than a technical weakness.
One protection method: staff training and an acceptable use policy that teaches people to recognise phishing and not to share passwords or click suspicious links, so they are less likely to be tricked. (Alternatively, strong authentication reduces the value of any stolen credentials.)
Markers reward defining social engineering (tricking people into revealing information or access, exploiting human trust, such as phishing) and a valid protection (user training and acceptable use policies, or strong authentication) with how it helps.
Related dot points
- Understand environmental issues associated with the use of digital devices (energy consumption, manufacture, replacement cycle, disposal).
A focused answer to Edexcel GCSE Computer Science 5.1.1, covering the environmental issues of digital devices: energy consumption, manufacture, the replacement cycle and disposal (e-waste).
- Understand ethical and legal issues associated with the collection and use of personal data (privacy, ownership, consent, misuse, data protection).
A focused answer to Edexcel GCSE Computer Science 5.2.1, covering the ethical and legal issues of collecting and using personal data: privacy, ownership, consent, misuse and data protection.
- Understand ethical and legal issues associated with artificial intelligence, machine learning and robotics (accountability, safety, algorithmic bias, legal liability), and methods of intellectual property protection (copyright, patents, trademarks, licencing).
A focused answer to Edexcel GCSE Computer Science 5.2.2 and 5.2.3, covering the ethical and legal issues of AI, machine learning and robotics (accountability, safety, algorithmic bias, legal liability) and intellectual property protection (copyright, patents, trademarks, licensing).
- Understand the importance of network security, ways of identifying network vulnerabilities (penetration testing, ethical hacking) and methods of protecting networks (access control, physical security, firewalls).
A focused answer to Edexcel GCSE Computer Science 4.2.1, covering the importance of network security, identifying vulnerabilities by penetration testing and ethical hacking, and protecting networks with access control, physical security and firewalls.
- Understand the purpose and functionality of utility software (file repair, backup, data compression, disk defragmentation, anti-malware), and the importance of developing robust software and methods of identifying vulnerabilities (audit trails, code reviews).
A focused answer to Edexcel GCSE Computer Science 3.2.2 and 3.2.3, covering utility software (file repair, backup, compression, defragmentation, anti-malware) and developing robust software with audit trails and code reviews.
Sources & how we know this
- Pearson Edexcel GCSE (9-1) Computer Science (1CP2) specification — Pearson (2020)