This topic in the IGCSE syllabus is split into four clear sections which deal with the risks to data posed by accidental or malicious actions, the methods that can be used to keep data safe, and the protection of online systems. There is also a requirement for students to apply this knowledge to real-life scenarios. For the 2016 examination session Cambridge have also added Secure Socket Layer (SSL) and Transport Layer Security (TLS) to the syllabus. Click here for recommended Cambridge IGCSE Computer Science textbooks.
The news articles below cover some of the major risks of malicious actions such as hacking or malware. Myriad examples of these problems exist (and new ones seem to appear every few weeks), but the examples below highlight some of the more famous cases (and the greatest losses).
- Target Expects $148 Million Loss from Data Breach
- Security lapses at Apple and Amazon lead to an epic hack
- McDonald’s customers’ data exposed in a Big Mac hack attack
- Sony fined over 'preventable' PlayStation data hack
- Lost in the post - 25 million at risk after data discs go missing
- Zurich Insurance fined £2.3m over customers' data loss
- Doorstep lender Shopacheck fined £150,000 for data loss
- Home Depot: Card breach put 56M cards at risk
The news articles below cover some examples of (in)famous errors in databases, from relatively minor to major errors in voting systems.
- French phone bill waived after 12qn-euro blunder
- Meet Mikey, 8: U.S. Has Him on Watch List
- Dead girl given truancy warning
- Outrage at 500,000 DNA database mistakes
- Florida’s flawed “voter-cleansing” program
CommonCraft popularised the paper-and-marker pen style of video explanation, and some of their original videos are still the best. Secure Passwords Explained by CommonCraft does exactly as you might expect.
Microsoft's Password Checker and the site How Secure is my Password? offer quick ways to see how the complexity of a password significantly alters how easy it is to crack: for obvious reasons it is probably better to use these sites with imaginary passwords rather than your real passwords!
The National Codes Centre at Bletchley Park (who know a thing or two about ciphers) have comprehensive lesson plans, teacher's notes, and student activities for various types of encryption, from simple substitution ciphers (Caesar ciphers) through the infamous Enigma and Lorenz ciphers to modern day methods.
Very detailed but clear explanations of the various types of encryption systems, from simple substitution ciphers (Caesar ciphers) to modern public key encryption systems. The page also explains the types of attacks that can be performed against ciphers, such as known plaintext attacks and frequency analysis attacks. A variety of interactive applets held improve understanding.
Braingle contains extensive notes on many different types of cipher systems from Caesar ciphers to four-square ciphers. There are dozens of examples and some interactives to help students understand the different ways plaintext can be encrypted. This could be a good site to support a lesson starter activity or extension activities for more advanced students who are interested in encryption systems.
A simple interactive that implements a basic Caesar cipher. One great use for this is to highlight just how weak Caesar ciphers are. By giving students examples of ciphertext and asking them to use this tool to break them, they should realise just how easy it is to perform a brute force attack.
SonicWALL Phishing IQ Test is a quiz game which is a great way to test students' understanding of phishing scams. Players are presented with a series of mock emails, web pages, or URLs that utilize some of the techniques online criminals often use. Spotting the the genuine pages and avoiding the fakes is harder than you might think!