Modern networks face a wide range of security threats, and understanding these threats is a core requirement in IB Computer Science. Students are expected not only to name threats, but to explain how they work, what damage they cause, and why security measures are needed.
IB examiners reward answers that show cause-and-effect understanding, not just lists of terms.
What Is a Network Security Threat?
A network security threat is any action or event that:
- Compromises data confidentiality
- Disrupts network availability
- Allows unauthorised access
- Damages systems or data
Threats can be intentional (attacks) or unintentional (misconfiguration), but IB questions focus mainly on deliberate attacks.
Malware
Malware is malicious software designed to harm systems or steal data.
Common types include:
- Viruses – attach themselves to files and spread
- Worms – spread automatically across networks
- Trojan horses – disguise themselves as legitimate software
Malware can:
- Steal sensitive data
- Damage files
- Slow down networks
- Create backdoors for attackers
In IB answers, students should explain how malware spreads, not just name it.
Phishing Attacks
Phishing is a social engineering attack that tricks users into revealing sensitive information.
It typically involves:
- Fake emails or messages
- Spoofed websites
- Requests for login details or financial information
Phishing attacks exploit human error, not technical weakness.
IB students should recognise that:
- Even secure systems are vulnerable if users are deceived
- Education and awareness are key defences
Denial of Service (DoS) Attacks
A Denial of Service (DoS) attack aims to:
- Overwhelm a system or network
- Prevent legitimate users from accessing services
This is done by:
- Flooding servers with traffic
- Consuming system resources
A Distributed Denial of Service (DDoS) attack uses many devices at once, making it harder to stop.
In IB exams, DoS attacks are often linked to:
- Availability
- Network reliability
Man-in-the-Middle Attacks
In a man-in-the-middle attack, an attacker:
- Intercepts communication between two parties
- Reads or alters data without detection
This can occur on:
- Unsecured Wi-Fi networks
- Compromised network links
Encryption (such as HTTPS and VPNs) helps prevent this type of attack.
Unauthorised Access
Unauthorised access occurs when:
- Attackers gain access without permission
- Weak passwords are exploited
- Credentials are stolen
This threat highlights the importance of:
- Strong authentication
- Access control
- Firewalls
IB students should link unauthorised access to data breaches.
Why These Threats Matter in IB Computer Science
IB exam questions may ask students to:
- Identify threats in a scenario
- Explain how an attack works
- Link threats to security measures
- Justify network protection strategies
Understanding threats helps explain why security tools exist.
Common Student Mistakes
Students often:
- List threats without explanation
- Confuse threats with protections
- Ignore the human factor
- Use vague language
Clear explanations score higher.
Final Thoughts
Network security threats exploit both technical weaknesses and human behaviour. Malware, phishing, DoS attacks, man-in-the-middle attacks, and unauthorised access all threaten data, systems, and availability.
Understanding how these threats work allows IB Computer Science students to explain security risks clearly and justify protective measures confidently — exactly what examiners expect.
