Spec & Goals 3 min
AQA Spec 3.6.1.1 — Denial-of-service attacks; data interception and theft
By the end of this lesson you can:
- Describe a denial-of-service (DoS) attack and its impact.
- Explain data interception and theft (packet sniffing / man-in-the-middle).
- State how each can be defended against.
Warm-Up 5 min
Some attacks don't steal anything — they just stop a service working. Others quietly copy data as it crosses a network. This lesson covers both.
Quick starter
If 100,000 fake customers all phoned a pizza shop at once, real customers couldn't get through. How is this like an attack on a website?
Reveal the idea
The phone line is overwhelmed by fake traffic — exactly what a denial-of-service attack does to a server: it floods it so real users can't get in.
Key Concept — two very different attacks 14 min
Denial of service (DoS)
A denial-of-service attack floods a server or network with so many requests that it becomes overwhelmed and cannot respond to legitimate users.
When the flood comes from many hijacked computers at once (a botnet), it is a distributed denial-of-service (DDoS).
Data interception and theft
Data interception means capturing data as it travels across a network — for example using packet sniffing software, or a man-in-the-middle position on public Wi-Fi — and stealing the contents.
| Attack | Goal | Defend with… |
|---|---|---|
| DoS / DDoS | Make a service unavailable. | Firewalls, traffic filtering, rate-limiting, extra server capacity. |
| Data interception | Steal data in transit. | Encryption (HTTPS, secure Wi-Fi) so intercepted data is unreadable. |
Worked Example — impact and defence 12 min
Problem: An online shop in Penang is hit on its busiest day: the site is flooded and goes offline; separately, customers on the shop's free Wi-Fi have card details stolen. Name each attack and defend it.
- Site flooded and offline → DoS/DDoS. Impact: customers can't buy → lost sales and reputation. Defence: firewall + traffic filtering to block the flood; rate-limit requests; scale up capacity.
- Card details stolen over Wi-Fi → data interception. Impact: theft of confidential data. Defence: encrypt the connection (HTTPS / secure Wi-Fi) so intercepted packets are unreadable.
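To see how the rate-limiting defence in the first bullet keeps a shop reachable, here is a small simulation (an added example, not part of the original lesson) of a server with limited capacity and a per-client request limit. The traffic, the client names, the capacity of 50 requests per second and the limit of 5 requests per second are all constructed assumptions.

```python
from collections import defaultdict, deque

class RateLimiter:
    """Allow each client at most `limit` requests in any `window_ms` milliseconds."""
    def __init__(self, limit, window_ms):
        self.limit, self.window_ms = limit, window_ms
        self.recent = defaultdict(deque)   # client -> times of its allowed requests

    def allow(self, client, now_ms):
        times = self.recent[client]
        while times and now_ms - times[0] >= self.window_ms:
            times.popleft()                # forget requests older than the window
        if len(times) >= self.limit:
            return False                   # over the limit: drop this request
        times.append(now_ms)
        return True

def simulate(requests, capacity_per_sec, limiter=None):
    """Return {client: requests served} for a server with a fixed capacity per second."""
    served, load = defaultdict(int), defaultdict(int)
    for now_ms, client in sorted(requests):
        if limiter is not None and not limiter.allow(client, now_ms):
            continue                       # filtered out before reaching the server
        second = now_ms // 1000
        if load[second] < capacity_per_sec:
            load[second] += 1
            served[client] += 1            # anything beyond capacity goes unanswered
    return dict(served)

# Constructed traffic covering 5 seconds (times in ms); all names are made up.
customer = [(s * 1000 + 500, "customer") for s in range(5)]   # 1 request per second
flood = [(i * 5, "flooder") for i in range(1000)]             # 200 per second, one source
many = [(s * 1000 + k, f"bot{k}")                             # 200 sources, 1 per second each
        for s in range(5) for k in range(200)]

def customer_served(traffic, limiter=None):
    """How many of the customer's 5 requests get an answer alongside `traffic`."""
    result = simulate(traffic + customer, capacity_per_sec=50, limiter=limiter)
    return result.get("customer", 0)

if __name__ == "__main__":
    print("one-source flood, no limit  :", customer_served(flood))
    print("one-source flood, rate limit:", customer_served(flood, RateLimiter(5, 1000)))
    print("distributed flood, limit    :", customer_served(many, RateLimiter(5, 1000)))
```

With no limit the customer gets 0 of 5 requests answered during the single-source flood; with the limit all 5 are answered. The distributed flood still crowds the customer out, which is why traffic filtering and extra capacity sit alongside rate-limiting in the table.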
Try It Yourself 12 min
Goal: Describe what a denial-of-service attack does.
Goal: Explain why a DoS attack can harm a business even though no data is stolen.
Goal: Explain how encryption protects against data interception, but not against a DoS attack.
📝 Exam Practice 10 min
Describe how a denial-of-service attack works.
Mark scheme
- The server/network is flooded with a large number of requests/traffic (1).
- So it is overwhelmed and cannot respond to legitimate users (1).
Explain one impact of a DoS attack on an online business.
Mark scheme
- The website becomes unavailable to customers (1).
- So the business loses sales / income / reputation (1).
Explain how encryption protects against data interception.
Mark scheme
- The data is scrambled into ciphertext as it travels (1).
- So if intercepted it cannot be read/used without the key (1).
Recap & Key Terms 3 min
A DoS attack floods a server so genuine users can't get in — it harms availability, not confidentiality. Data interception captures data crossing a network (e.g. packet sniffing) — defend it with encryption. DoS is defended with firewalls, filtering and capacity.
- Denial-of-service (DoS): Flooding a server with traffic so it cannot respond to legitimate users.
- DDoS: A distributed DoS launched from many hijacked computers (a botnet) at once.
- Data interception: Capturing data as it travels over a network in order to steal it.
- Packet sniffing: Using software to capture and inspect packets travelling across a network.
Homework 1 min
Task (≤ 15 min): A bank suffers two incidents: its website is knocked offline for an hour, and a customer's data is stolen over public Wi-Fi. For each, name the attack, state one impact, and give one defence.
Model answer
Website offline = DoS/DDoS; impact: customers can't bank / lost trust; defence: firewall + traffic filtering / extra capacity. Data stolen over Wi-Fi = data interception; impact: theft of confidential details; defence: encryption (HTTPS) so intercepted data is unreadable.
Award marks for: both attacks named (2); a valid impact each (2); a matching defence each (2).