OCR J277 Network Security

Lesson 2: The Malware Menace

Distinguishing between different forms of malicious software and their impacts.

01 Review of Previous Learning

DO NOW: Decode the Images

Open your master Google Doc. Look at the two scenarios below. Identify the specific Social Engineering threat taking place in each image.

Image 1

A person on a train is typing their banking PIN into their phone while the passenger behind them watches closely.

Image 2

From: security@netfIix-billing.com

Payment Declined!

Update credit card details here

An email urging the user to click a link to update billing details due to a declined payment.

Reveal Answers (Corrections in Green Pen)
  • Image 1: Shoulder Surfing. The attacker is physically observing the user enter sensitive data.
  • Image 2: Phishing. The attacker is using a fraudulent email with a deceptive link to harvest credentials.
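
How a mail filter could catch the sender address in Image 2, where the domain is spelled with a capital I in place of the lowercase l. This is an added example, not part of the original lesson; the allow-list, the look-alike character map and the function names are assumptions made for illustration.

```python
import re

# Assumed allow-list for the example: brand name -> domains it really sends from.
GENUINE = {"netflix": {"netflix.com"}}
# Constructed map of characters that are often swapped for a look-alike letter.
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "0": "o", "5": "s"})


def sender_domain(from_header):
    """Pull the domain out of a From: value, keeping the case as displayed."""
    match = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    if match is None:
        raise ValueError("no e-mail address found")
    return match.group(1)


def looks_like(piece, brand):
    """True if piece reads as brand once look-alike characters are swapped back,
    or is the same length and differs from it in exactly one character."""
    if piece.translate(CONFUSABLES).lower() == brand:
        return True
    lowered = piece.lower()
    return len(lowered) == len(brand) and sum(a != b for a, b in zip(lowered, brand)) == 1


def check_sender(from_header):
    """Classify a sender as genuine, brand-on-unofficial-domain, lookalike or unknown."""
    domain = sender_domain(from_header)
    for brand, real_domains in GENUINE.items():
        if domain.lower() in real_domains:
            return "genuine"
        for piece in re.split(r"[.-]", domain):
            if piece.lower() == brand:
                return "brand-on-unofficial-domain"
            if looks_like(piece, brand):
                return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # The first address is the one from Image 2; the others are constructed.
    for sender in ("security@netfIix-billing.com", "info@netflix.com",
                   "billing@netflix-payments.example", "teacher@school.example"):
        print(sender, "->", check_sender(sender))
```

The one-character comparison matters because mail software may show the domain in lowercase, where the swapped letter appears as an i rather than a capital I.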
02 Introducing the New Objective & KWs

Context & Keywords

Learning Objective

To distinguish between different forms of malicious software (Malware) and explain their specific impacts on a computer system.

Tier 3 Vocabulary:

Malware

An umbrella term for 'Malicious Software'. Any program written specifically to cause harm, steal data, or disrupt systems.

Exam Tip

Never just write "they got a malware" in the exam.

Malware is the category. You must identify the specific type (Virus, Worm, Trojan, etc.) to get full marks.

Virus

Software that replicates and attaches itself to legitimate host files. It executes when the user opens the infected file.

It needs a host. Like a biological virus needs a human cell.

Worm

Standalone malware that self-replicates rapidly across a network. Its main impact is consuming bandwidth to slow or crash the system.

It does NOT need a host file or human interaction to spread.

Trojan

Malware disguised as legitimate software (e.g., a free game). It tricks the user into installing it, then opens a backdoor for hackers.

Free_Minecraft.exe

...secretly installs a keylogger in the background.

Ransomware

Software that encrypts a user's data, making it unreadable. It demands a financial payment (ransom) for the decryption key.

FILES ENCRYPTED

Send 0.5 Bitcoin to unlock.

Spyware

Software that secretly monitors and records user actions (like a Keylogger recording key presses) and transmits data to a third party.

Types: p-a-s-s-w-o-r-d
03 New Learning

Distinguishing the Threats

In the exam, simply defining malware is not enough. You must understand the differences in how they spread and what their purpose is.

| Malware Type | How it Spreads | Primary Impact / Purpose |
|---|---|---|
| Virus | Needs human interaction (opening an infected host file). | Corrupts, edits, or deletes data files. |
| Worm | Self-replicates automatically across a network. No host needed. | Consumes network bandwidth, causing severe slowdowns or crashes. |
| Trojan | Relies on Social Engineering (deception) so the user installs it willingly. | Creates a 'backdoor' for hackers to exploit the system later. |

MWB Check: True or False?

Read the statement below. Write True or False on your Mini Whiteboard and hold it up in silence.

"A Trojan horse replicates itself rapidly across a network to consume bandwidth."
Reveal Answer
FALSE. The statement describes a Worm. A Trojan does not self-replicate; it relies on deception to be installed.
04 Application

Independent Task & Exam Practice

Task 1: The IT Helpdesk Simulator

  • Open the Malware_Matchup.html link shared in Google Classroom.
  • You will act as Level 1 IT Support. Read the 5 user support tickets describing their computer symptoms.
  • Diagnose the specific type of malware infecting their machine.
  • Once you diagnose all 5 correctly, screenshot your summary and paste it into your Google Doc.

Task 2: Exam Question

In your Google Doc, answer the following 4-mark OCR exam question. Pay attention to the command words.

"A university has buildings in two sites that are 5 miles apart. The university wants to protect their data against threats when connected to the Internet."

Describe the threat malware can pose to the university's network and give a prevention method that the university can use. (3 Marks)

05 Consolidation

Plenary: The Red Herring

To finish the lesson, read the four statements below about Malware. Three are true, one is a 'Red Herring' (False).

Which statement is FALSE? Write A, B, C, or D on your MWB.

A) Ransomware encrypts files so the user cannot access them without a key.
B) A keylogger is a specific type of spyware.
C) A virus can spread across a network independently without any human action.
D) Trojans are disguised as legitimate software to trick users.
Reveal the Red Herring
C is the Red Herring! A virus requires a host file to be opened by a user. A WORM spreads independently without human action.