
Cyber Attack Types: From Phishing to Advanced Persistent Threats

Podcast episode 29: Cyber Attack Types: From Phishing to Advanced Persistent Threats. Alex and Sam explore key concepts from the Pearson BTEC Higher Nationals in Computing. Full transcript included.

Series: HTQ Computing: The Study Podcast  |  Module: Unit 5: Security  |  Episode 29 of 80  |  Hosts: Alex with Sam, Computing Specialist
Key Takeaways
  • Phishing attacks use deceptive emails, messages, or websites to trick users into revealing credentials or downloading malware.
  • Ransomware encrypts a victim's data and demands payment for the decryption key, causing major disruption and financial loss to organisations.
  • Denial-of-service attacks flood a target system with traffic to make it unavailable to legitimate users.
  • SQL injection exploits vulnerabilities in web application input handling to gain unauthorised access to databases.
  • Advanced Persistent Threats involve sophisticated, long-term attacks by well-resourced adversaries who maintain a stealthy presence within a network over extended periods.
Full Transcript

Alex: Today we're examining cyber attack types in detail. Sam, let's work through the main categories.

Sam: Let's start with phishing, because it's by far the most common initial attack vector. Phishing attacks use deceptive emails, messages, or fake websites to trick users into revealing credentials, clicking on malicious links, or downloading malware. They exploit human psychology: urgency, authority, fear, and curiosity. Spear phishing is targeted at specific individuals and is much more convincing because it's personalised.

Alex: What do attackers do with stolen credentials?

Sam: They use them to access accounts and systems, often starting with one compromised account and using it to move laterally across the network to find more valuable targets. This is called credential stuffing when they use credentials stolen from one site to try to log into other sites, exploiting password reuse. Once inside, attackers may exfiltrate data, deploy ransomware, create backdoors for future access, or a combination of all three.

Alex: Speaking of ransomware, how does that work?

Sam: Ransomware is malicious software that encrypts the victim's files, making them inaccessible, and then demands payment, typically in cryptocurrency, in exchange for the decryption key. Modern ransomware attacks often exfiltrate data before encrypting it, so the threat is not just 'pay us or you can't access your files' but also 'pay us or we'll publish your data publicly'. This double extortion approach makes recovery from backups alone less of a complete solution.

Alex: What about denial-of-service attacks?

Sam: Denial of service, or DoS, attacks attempt to make a service unavailable by overwhelming it with traffic or requests. A distributed denial of service, DDoS, attack uses thousands or millions of compromised devices, a botnet, to generate the attack traffic. The scale can be enormous: attacks of hundreds of gigabits per second have been recorded. Countermeasures include traffic scrubbing services that filter malicious traffic before it reaches the target.

Alex: SQL injection is an important one for database developers to understand.

Sam: It's essential. SQL injection exploits web applications that fail to properly sanitise user input before using it in database queries. An attacker can insert malicious SQL code into an input field, causing the database to execute commands the attacker controls. This can allow them to read data they shouldn't have access to, modify or delete data, or even execute commands on the underlying server. The defence is input validation and using parameterised queries rather than constructing SQL strings from user input.

Alex: And Advanced Persistent Threats?

Sam: APTs are qualitatively different from the other attack types. They're typically carried out by well-funded, sophisticated threat actors, often nation-states or organised crime groups. Rather than going in and out quickly, an APT actor may spend months or years inside a network, maintaining a stealthy presence, moving laterally to reach their target, and exfiltrating data continuously. Detection is difficult precisely because they're designed to look like normal network activity.

Alex: Knowing your adversary is an important part of security, then.

Sam: Very much so. Threat intelligence, understanding who is likely to attack you and what methods they use, allows you to focus your defences where they matter most and to detect attack patterns relevant to your threat model.

Alex: Brilliant. We've covered a huge amount in Unit 5. We move into Unit 6 and project planning next.
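The SQL injection discussion above contrasts a query built by string concatenation with a parameterised query. The following is an added example, written for this page and not code from the episode or the course: it builds a throwaway in-memory SQLite database with constructed sample users ("alice", "bob", a table named users, plaintext passwords purely for brevity), then runs the same login lookup through a vulnerable function and a parameterised one, feeding each the classic `' OR '1'='1` payload and a comment-based `alice'--` payload. Everything in it is illustrative and assumed, including the table layout and the two payloads.

```python
"""Added example: SQL injection in a login query and the parameterised fix.
Uses an in-memory SQLite database populated with constructed sample data,
so it runs offline. Passwords are stored in plaintext here only to keep the
example short; a real system compares against a password hash."""
import sqlite3


def build_db() -> sqlite3.Connection:
    """Create a throwaway in-memory database with two constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """The injectable pattern: user input is pasted straight into the SQL text.

    Whatever the user types becomes part of the statement, so quotes,
    OR-clauses and comment markers are interpreted as SQL, not as data.
    """
    query = (
        "SELECT username, role FROM users WHERE username = '"
        + username
        + "' AND password = '"
        + password
        + "'"
    )
    return conn.execute(query).fetchall()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterised query: the SQL text is fixed, values travel separately.

    The driver binds each ? to the supplied value, so a payload containing
    quotes or OR-clauses is compared literally against the password column.
    """
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


def demo() -> dict:
    """Run both implementations against legitimate and hostile input."""
    conn = build_db()
    # Constructed payloads: the first turns the WHERE clause into
    #   (username = 'alice' AND password = '') OR '1'='1'
    # which matches every row; the second comments out the password check.
    or_payload = "' OR '1'='1"
    comment_payload = "alice'--"
    return {
        "vuln_normal": login_vulnerable(conn, "bob", "hunter2"),
        "vuln_or": login_vulnerable(conn, "alice", or_payload),
        "vuln_comment": login_vulnerable(conn, comment_payload, "wrong"),
        "safe_normal": login_safe(conn, "bob", "hunter2"),
        "safe_or": login_safe(conn, "alice", or_payload),
        "safe_comment": login_safe(conn, comment_payload, "wrong"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:13s} -> {rows}")
```

Run as a script, the vulnerable function returns both users for the OR payload and returns alice's admin row for the comment payload, while the parameterised version returns nothing for either, because the payload is compared as an ordinary string. Input validation is still worthwhile as defence in depth (for example, rejecting usernames that are not plain alphanumerics), but parameterisation is what actually closes the hole, since it removes the possibility of input being parsed as SQL at all.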