CS  ·  Computer Systems

Environmental Impact & Security

Lesson CS9 of 10 · Approx. 70 min
Learning intentions
  • Understand the environmental impact of computer systems, including energy use and e-waste
  • Identify different types of security threat, including malware and social engineering
  • Describe security measures used to protect computer systems and data
Success criteria
  • I can describe at least three environmental impacts of computing and suggest ways to reduce them
  • I can identify and explain at least four types of malware
  • I can describe security measures including firewalls, encryption, passwords, and software updates
Warm up — what do you already know?

Answer before the lesson begins. These check prior knowledge — it's fine if you're unsure.

1. What does the term "carbon footprint" mean?

2. What is malware?

3. What does a firewall do?

Key vocabulary

malware
Malicious software designed to damage, disrupt, or gain unauthorised access to a computer system.
virus
Malware that attaches itself to a legitimate file and spreads when that file is shared. Requires human action to spread.
worm
Self-replicating malware that spreads automatically across networks without any user action.
trojan
Malware disguised as legitimate software that tricks users into installing it. Does not self-replicate.
ransomware
Malware that encrypts a victim's files and demands payment to restore access.
spyware
Malware that secretly monitors user activity (passwords, keystrokes, browsing) and sends it to attackers.
phishing
A social engineering attack that impersonates a trusted organisation to trick users into revealing personal data or passwords.
firewall
Software or hardware that monitors network traffic and blocks connections that do not meet its security rules.
encryption
The process of scrambling data so it can only be read by someone with the correct decryption key.
two-factor authentication
A login method that requires a second form of verification (e.g. a code texted to a phone) in addition to a password.
e-waste
Discarded electrical and electronic equipment — old phones, laptops, and other devices — that must be disposed of responsibly.
patch
A software update that fixes security vulnerabilities, bugs, or other weaknesses in an operating system or application.


Environmental Impact — Energy Consumption

Computers and digital devices consume significant amounts of electricity. The internet, cloud services, and streaming platforms are powered by vast data centres — warehouses full of servers that run 24 hours a day, 7 days a week. In 2023, data centres consumed an estimated 1–2% of global electricity. The energy needed to cool these servers (preventing overheating) can match or exceed the energy used to run them. Most of this electricity still comes from fossil fuels, releasing carbon dioxide (CO₂) and contributing to climate change.

Environmental Impact — E-Waste

E-waste (electronic waste) is the fastest-growing category of waste globally. When devices such as phones, laptops, and monitors reach the end of their life, they contain toxic materials — including lead, mercury, and cadmium — that can contaminate soil and water if dumped in landfill. Many countries have introduced e-waste recycling schemes where devices are broken down safely and valuable metals (gold, copper, rare earth elements) are recovered and reused.

The manufacturing of new devices also has a large environmental cost. Mining the raw materials required (rare earth metals, lithium for batteries, silicon for chips) causes habitat destruction and pollution. The carbon emitted during manufacturing a new device — called its embedded carbon — is often larger than the carbon it will emit during its entire working life. This means keeping devices for longer is one of the most effective environmental choices a user can make.

Reducing Environmental Impact

  • Enable energy-saving modes (sleep/hibernate) so devices use less power when idle.
  • Turn devices off fully when not in use rather than leaving them on standby.
  • Choose energy-efficient hardware — devices with good energy ratings consume less electricity over their lifetime.
  • Recycle old devices through certified e-waste recycling programmes rather than sending them to landfill.
  • Buy refurbished or second-hand devices to extend the useful life of existing hardware and reduce manufacturing demand.
  • Use cloud computing — sharing server resources across many users is more energy-efficient than every organisation running its own under-used servers.

Security Threats — Hacking and Malware

Hacking is gaining unauthorised access to a computer system or network. Hackers may steal data, install malware, disrupt services, or demand a ransom. The term covers a wide range of attacks, from automated tools that guess passwords to sophisticated targeted intrusions.

Malware is malicious software and comes in several distinct forms:

| Type | How it spreads | What it does |
| --- | --- | --- |
| Virus | Attaches to a host file; spreads when the file is shared or opened | Corrupts, deletes, or modifies files; requires human action to spread |
| Worm | Self-replicating; spreads automatically across networks | Can slow networks to a halt; may install further malware |
| Trojan | Disguised as legitimate software; user installs it voluntarily | Opens a backdoor for attackers; does not self-replicate |
| Ransomware | Often via phishing emails or infected downloads | Encrypts the victim's files; demands payment for the decryption key |
| Spyware | Often bundled with free software or installed by a trojan | Secretly records passwords, keystrokes, and browsing activity |

Security Threats — Social Engineering and Phishing

Phishing is a social engineering attack in which an attacker impersonates a trusted organisation — such as a bank, HMRC, or a tech company — to trick users into revealing passwords, card numbers, or personal data. Phishing attacks arrive via email, text message (smishing), or phone call (vishing). They typically create urgency ("Your account will be suspended unless you act now") and direct victims to a fake website that looks legitimate.

Clues that an email or message may be a phishing attempt include: a domain name that is slightly wrong (e.g. paypa1.com instead of paypal.com), poor spelling and grammar, a generic greeting ("Dear customer"), and a link that does not match the organisation's real website.
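
The clues listed above can be checked mechanically. The following is an added example, not part of the original lesson: the trusted-domain list, the character swaps, the phrase lists and the sample message are all constructed for illustration, and a clue is a reason to look closer rather than proof that a message is fake.

```python
from urllib.parse import urlparse

# Constructed allow-list: the real domains of organisations the user deals with.
TRUSTED = ("paypal.com", "apple.com", "gov.uk")
# Digit-for-letter swaps used in lookalike domains (constructed, not exhaustive).
LOOKALIKES = str.maketrans("1035", "loes")
GENERIC_GREETINGS = ("dear customer", "dear user")
URGENCY = ("act now", "will be suspended", "within 24 hours")


def belongs_to(domain, trusted):
    """True if domain is the trusted domain itself or one of its subdomains."""
    return domain == trusted or domain.endswith("." + trusted)


def domain_clue(domain):
    """Return a description of why the domain looks fake, or None if no clue is found."""
    domain = domain.lower().rstrip(".")
    if any(belongs_to(domain, t) for t in TRUSTED):
        return None
    for t in TRUSTED:
        brand = t.split(".")[0]
        if belongs_to(domain.translate(LOOKALIKES), t):
            return f"{domain} swaps characters to imitate {t}"
        if brand in domain.replace(".", "-").split("-"):
            return f"{domain} uses the name '{brand}' but is not {t}"
    return None


def phishing_clues(sender, body, links):
    """links is a list of (visible_text, real_url) pairs taken from the message."""
    clues = []
    clue = domain_clue(sender.rsplit("@", 1)[-1])
    if clue:
        clues.append("sender: " + clue)
    text = body.lower()
    if any(g in text for g in GENERIC_GREETINGS):
        clues.append("generic greeting")
    if any(u in text for u in URGENCY):
        clues.append("urgent language")
    for visible, url in links:
        host = (urlparse(url).hostname or "").lower()
        clue = domain_clue(host)
        if clue:
            clues.append("link: " + clue)
        shown = visible.lower().strip()
        if "." in shown and " " not in shown:  # the link text is itself an address
            shown_host = urlparse(shown if "//" in shown else "//" + shown).hostname or ""
            if shown_host and not belongs_to(host, shown_host):
                clues.append(f"link text shows {shown_host} but goes to {host}")
    return clues


# Constructed message modelled on an "account locked" email.
MAYA_EMAIL = phishing_clues(
    "support@apple-secure.net",
    "Dear customer, your Apple ID has been locked. Act now to unlock it.",
    [("apple.com/unlock", "http://apple-secure.net/unlock")],
)
```
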

Security Measures — Firewalls

A firewall monitors all incoming and outgoing network traffic and applies a set of rules to decide what is allowed. Any connection that does not match the rules is blocked. Firewalls can be software (installed on a device) or hardware (a dedicated device on a network). They are a first line of defence, preventing many attacks from ever reaching a system.
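
How a rule set decides what is allowed can be shown in a few lines. This is an added example, not part of the original lesson: the rules, the first-match ordering and the addresses (taken from ranges reserved for documentation) are constructed. It shows the two ideas in the paragraph above: each connection is compared against the rules, and anything that matches no rule is blocked.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str            # "allow" or "block"
    direction: str         # "in" or "out"
    network: str           # remote addresses the rule covers, in CIDR form
    port: Optional[int]    # None means any port


# Constructed rule set for a small web server.
RULES = [
    Rule("block", "in", "198.51.100.0/24", None),  # range the admin has chosen to block
    Rule("allow", "in", "0.0.0.0/0", 443),         # HTTPS from any customer
    Rule("allow", "in", "203.0.113.0/24", 22),     # remote admin from the office only
    Rule("allow", "out", "0.0.0.0/0", 443),        # server fetching its own updates
]


def decide(direction, remote_ip, port, rules=RULES):
    """Return the action of the first matching rule; block if nothing matches."""
    address = ipaddress.ip_address(remote_ip)
    for rule in rules:
        if (rule.direction == direction
                and address in ipaddress.ip_network(rule.network)
                and rule.port in (None, port)):
            return rule.action
    return "block"  # default deny: traffic that matches no rule is not allowed


def filter_traffic(connections, rules=RULES):
    """Split (direction, remote_ip, port) tuples into allowed and blocked lists."""
    allowed, blocked = [], []
    for conn in connections:
        (allowed if decide(*conn, rules=rules) == "allow" else blocked).append(conn)
    return allowed, blocked


# Constructed connection attempts.
ATTEMPTS = [
    ("in", "192.0.2.10", 443),    # customer loading the site
    ("in", "198.51.100.7", 443),  # blocked range, even on an open port
    ("in", "192.0.2.10", 22),     # admin port from outside the office
    ("in", "203.0.113.5", 22),    # admin port from the office
    ("out", "192.0.2.80", 25),    # unexpected outgoing mail connection
]
ALLOWED, BLOCKED = filter_traffic(ATTEMPTS)
```
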

Security Measures — Encryption

Encryption transforms data into an unreadable format using a mathematical algorithm and a key. Only someone with the correct decryption key can read the original data. Encryption protects data in transit (e.g. HTTPS on websites, encrypted email) and at rest (e.g. an encrypted hard drive). Even if data is intercepted or a device is stolen, encrypted data is useless without the key.

Security Measures — Passwords and Authentication

A strong password is at least 12 characters long and uses a mix of uppercase letters, lowercase letters, numbers, and symbols. Passwords should be unique for each account — reusing the same password means that one data breach exposes every account. Two-factor authentication (2FA) adds a second verification step: even if an attacker obtains a password, they cannot log in without also providing the second factor (typically a one-time code sent to the user's phone or generated by an authenticator app).
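
The code an authenticator app shows is computed from a shared secret and the current time. This is an added example, not part of the original lesson, using the standard TOTP algorithm (RFC 6238) and a login check that needs both factors; the account record, salt and password are constructed, and the secret is the RFC's published test value rather than a real key.

```python
import hashlib
import hmac
import struct


def totp(secret, now, step=30, digits=6):
    """One-time code for the 30-second window containing `now` (RFC 6238, HMAC-SHA1)."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_password(password, salt):
    """Store a slow, salted hash rather than the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


# Constructed account record.
SALT = b"constructed-salt"
ACCOUNT = {
    "password_hash": hash_password("Correct-Horse-42!", SALT),
    "totp_secret": b"12345678901234567890",      # RFC 6238 test secret
}


def login(password, code, now, account=ACCOUNT):
    """Succeed only if the password AND the current one-time code are both right."""
    password_ok = hmac.compare_digest(
        hash_password(password, SALT), account["password_hash"])
    # Accept the current window and one either side to tolerate clock drift.
    code_ok = any(
        hmac.compare_digest(totp(account["totp_secret"], now + drift * 30), code)
        for drift in (-1, 0, 1))
    return password_ok and code_ok
```

A stolen password on its own fails the check, and a code that was valid a few minutes ago has expired.
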

Security Measures — Software and Antivirus

Antivirus/anti-malware software scans files and running processes, comparing them against a database of known malware signatures. When a match is found, the software quarantines or removes the threat. Antivirus software must be kept up to date, as new malware variants appear constantly.

Keeping operating systems and applications updated is equally important. Developers release patches that fix security vulnerabilities. Attackers actively exploit known vulnerabilities in unpatched software, so applying updates promptly closes those windows of opportunity.

Worked examples

Example 1 — Identifying a security threat from a scenario

Maya receives an email from support@apple-secure.net saying her Apple ID has been locked. The email asks her to click a link and enter her password to unlock it.

  1. Identify the attack type. The email pretends to be from Apple to trick Maya into giving up her password. This is a phishing attack — a form of social engineering.
  2. Spot the clues. The sender domain is apple-secure.net, not apple.com. A genuine Apple support email would come from an apple.com address. The suspicious domain is a strong indicator of a fake email.
  3. Advise Maya. Do not click the link. If genuinely concerned about the account, go directly to apple.com by typing it into the browser — never follow links in unexpected emails. Report the email as phishing.

Example 2 — Distinguishing a virus from a worm

An exam question asks: "Describe one difference between a virus and a worm."

  1. State the key difference. A virus requires a host file to spread — it attaches itself to a document or program. A worm does not need a host file; it is self-replicating and spreads automatically across a network.
  2. Explain the implication. Because a virus needs human action (opening or sharing an infected file) to spread, it travels more slowly. A worm can propagate across thousands of machines in minutes without any user interaction.
  3. Use a real example if it helps. The WannaCry ransomware (2017) behaved like a worm — it self-replicated across networks, affecting NHS hospitals without staff needing to open any attachment.

Example 3 — Recommending security measures for a scenario

A small business stores customer payment data on a server that is accessible from the internet. Suggest three security measures and explain how each one protects the data.

  1. Encryption. All data transferred between the server and customers should use encryption (HTTPS/TLS). Even if the data is intercepted in transit, it cannot be read without the decryption key.
  2. Firewall. Install a firewall to monitor all incoming network connections. The firewall blocks access from unknown or suspicious IP addresses, preventing unauthorised users from reaching the server at all.
  3. Two-factor authentication. Require all staff to use 2FA when logging into the server. Even if an employee's password is stolen, the attacker cannot log in without also providing the second factor (e.g. a code from the employee's phone).

Now you try

Lewis's school laptop was left unlocked. A classmate installed what appeared to be a free game, but the program was secretly recording Lewis's saved browser passwords and sending them to a remote server.

Answer the following:

  1. What type(s) of malware best describes this program? Explain your reasoning.
  2. Name one security measure that could have prevented the malware from being installed.
  3. Suggest one action Lewis should take now that the malware has been discovered.

Model answers:
  1. Trojan — because it was disguised as a legitimate game to trick the user into installing it. It also behaves as spyware — it secretly steals passwords and sends them to an attacker. Full marks for either or both types with a reason.
  2. Any one of: antivirus/anti-malware software (would have detected and blocked the malicious program before or during installation); restricted user permissions (a standard account without admin rights cannot install software, so the malware could not have been installed); keeping the OS/software up to date with patches (closes known vulnerabilities the malware might have exploited).
  3. Any one of: change all saved passwords immediately (they may already have been stolen); enable two-factor authentication on important accounts so stolen passwords alone are not enough; run a full antivirus scan and remove the malware; report the incident to the school's IT staff.
Common mistakes
Confusing a virus and a worm. A virus needs a host file and human action to spread. A worm is self-replicating and spreads automatically across a network with no user involvement. In an exam, if you mix these up you will lose marks even if you describe one of them correctly.
"Encryption stops hackers from breaking in." Encryption protects the content of data if it is intercepted or stolen — it does not prevent unauthorised access to a system. You still need firewalls and authentication to stop hackers getting in; encryption protects the data if they do.
Thinking phishing only happens by email. Phishing can also occur via text message (smishing), phone call (vishing), or fake websites. The method of delivery can vary; what defines phishing is impersonating a trusted entity to steal credentials or personal data.
Describing antivirus as a one-time fix. Antivirus software is only effective if its definitions are kept up to date. New malware is created constantly; an out-of-date antivirus will not recognise new threats. Always mention that it must be updated regularly.
Exam tip

The SQA regularly asks you to "describe" or "explain" a security measure. A one-word answer like "firewall" scores zero — you must explain how it works. A full-mark answer has two parts: what it does and how that protects the system. For example: "A firewall monitors all incoming and outgoing network traffic and blocks any connections that do not meet its security rules, preventing unauthorised access to the system." The same pattern applies to encryption, 2FA, antivirus, and patches — always name the measure and explain the mechanism.

For environmental impact questions, you will often be asked to suggest a way to reduce impact. Be specific: "use energy-saving modes" is better than "save energy", and "recycle through a certified e-waste centre" is better than "recycle old computers".

Task Set

Questions 1–5 are auto-checked. Questions 6–10 are self-marked — write your answer, then reveal the model answer to check your work.

1. Which type of malware encrypts a victim's files and demands payment to restore access? TYPE 1

2. What is the key difference between a virus and a worm? TYPE 1

3. Which security measure requires a second verification step in addition to a password? TYPE 1

4. A school sends its old laptops to a certified e-waste recycling centre. Which environmental impact does this most directly address? TYPE 1

5. What best describes a phishing attack? TYPE 1

6. Describe two ways a business could reduce the environmental impact of its computing infrastructure. TYPE 2

Any two of the following (1 mark each):
  • Enable energy-saving/sleep modes so devices consume less electricity when idle.
  • Recycle old hardware through a certified e-waste centre to prevent toxic materials entering landfill and to recover valuable materials.
  • Move services to cloud computing — shared server infrastructure is more energy-efficient than each business running its own under-used servers.
  • Choose energy-efficient hardware with good energy ratings to reduce electricity consumption over the device's lifetime.
  • Turn devices off fully overnight rather than leaving them on standby.
  • Buy refurbished or second-hand devices to extend existing hardware's life and reduce manufacturing demand.

7. Explain the difference between a Trojan and a worm. TYPE 2

Trojan: Malware disguised as legitimate software; it tricks the user into installing it voluntarily. A Trojan does not self-replicate.

Worm: Self-replicating malware that spreads automatically across networks without any user action required.

Award 1 mark for each correct explanation. Full marks require both — one definition alone is insufficient for a "difference" question.

8. Explain how encryption protects data stored on a laptop. TYPE 2

Encryption scrambles/transforms the data using a key so that it cannot be read in its stored form. (1 mark)

Even if the laptop is stolen, the data is unreadable without the correct decryption key, so an attacker cannot access the information. (1 mark)

9. A user receives a text message from "HMRC" stating they are owed a tax refund and must tap a link to claim it within 24 hours. Identify the type of attack and describe two clues that suggest it is not legitimate. TYPE 2

Attack type: Phishing (via text message — also called smishing). (1 mark)

Two clues (1 mark each):
  • HMRC does not contact people about tax refunds by asking them to tap a link in a text message — this is not how official government communication works.
  • The message creates artificial urgency ("within 24 hours") to pressure the user into acting without thinking — a classic phishing tactic.
  • Legitimate tax refunds are paid directly into a bank account on file; they do not require the user to follow a link to claim them.
  • The link URL (if visible) is likely to be a fake domain rather than gov.uk.

10. Describe how a firewall protects a computer network, and explain why antivirus software must be kept up to date. TYPE 2

Firewall (2 marks):
A firewall monitors all incoming and outgoing network traffic and applies a set of rules to decide what is allowed. (1 mark) Any connections that do not meet the rules are blocked, preventing unauthorised access to the network. (1 mark)

Antivirus updates (1 mark):
New malware is created constantly. Antivirus software detects threats by comparing files against a database of known malware signatures. If the database is out of date, the software will not recognise new threats and will fail to protect the system.
Teacher notes

Suggested timing: 70 minutes. Warm up 10 min; notes 25 min (split: environmental impact 12 min, security 13 min); worked examples 10 min; now you try 5 min; task set 20 min.

Key misconception to address: Pupils frequently conflate the different malware types, especially virus/worm and trojan/spyware. Stress that each type has a distinct definition — exam questions will test precise terminology. Also address the common belief that "encryption = security": it protects data contents but not access to the system.

Live demo suggestion: Show a real phishing email (use a screenshot from a spam folder or a published example). Walk through each clue: sender domain, urgency language, hover over link to reveal mismatch. Pupils respond well to seeing a real example. For environmental impact, show a live data centre energy dashboard if available (e.g. Google's carbon reporting page).

Extension question: "A company says it doesn't need antivirus software because it has a firewall. Explain why this reasoning is flawed." (A firewall blocks network-level intrusions; it does not scan files for malware that enters via legitimate channels such as email attachments or USB drives. Both are needed as complementary layers of defence.)

SQA command words covered: identify, describe, explain, suggest.