Computer Science · 12th Grade · Network Architecture and Cryptography · Weeks 28-36

Common Cybersecurity Threats and Attack Vectors

Students analyze common attack vectors like SQL injection, man-in-the-middle, and social engineering.

Common Core State Standards: CSTA: 3B-NI-04 · CCSS.ELA-LITERACY.RST.11-12.3

About This Topic

Cyberattacks succeed by exploiting specific vulnerabilities in either software systems or human behavior. At the 12th-grade level, students move beyond general awareness to a structured analysis of attack vectors: the specific paths an attacker can use to gain unauthorized access or cause damage. SQL injection exploits database queries built from unsanitized input; cross-site scripting (XSS) injects malicious scripts into web pages viewed by other users; man-in-the-middle (MitM) attacks intercept communications between two parties; and social engineering bypasses technical defenses entirely by targeting human psychology and trust.

Understanding attack mechanics is essential for defensive programming. CSTA standard 3B-NI-04 asks students to evaluate security trade-offs in software design, and this is impossible without understanding what attackers actually do. Students examine why the human element is frequently cited as the weakest security link, not because people are careless, but because social engineering exploits cognitive shortcuts that are normally adaptive in everyday social situations.

Active learning is particularly effective here. Students who have successfully executed a controlled SQL injection in a sandboxed environment understand input validation at a practical level that reading about parameterized queries never provides.

Key Questions

  1. Why is the human element often the weakest link in a security system?
  2. Differentiate between various types of cyberattacks and their primary objectives.
  3. Analyze how different attack vectors exploit vulnerabilities in software or human behavior.

Learning Objectives

  • Analyze the technical mechanisms of SQL injection and cross-site scripting (XSS) attacks.
  • Compare and contrast the objectives and methods of Man-in-the-Middle (MitM) attacks versus social engineering.
  • Evaluate the effectiveness of specific security controls against common attack vectors.
  • Design a mitigation strategy for a given software vulnerability to prevent a specific attack vector.
  • Explain how human psychological principles are exploited in social engineering attacks.

Before You Start

Introduction to Network Security Concepts

Why: Students need a foundational understanding of basic network protocols and security principles before analyzing specific attack vectors.

Web Application Fundamentals

Why: Understanding how web applications process user input is crucial for comprehending attacks like SQL injection and XSS.

Basic Programming Concepts

Why: Familiarity with programming logic and data handling helps students grasp how vulnerabilities are exploited in code.

Key Vocabulary

SQL Injection: An attack where malicious SQL code is inserted into input fields, allowing an attacker to manipulate a database.
Man-in-the-Middle (MitM): An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
Social Engineering: The psychological manipulation of people into performing actions or divulging confidential information, often bypassing technical security measures.
Cross-Site Scripting (XSS): A web security vulnerability that allows an attacker to inject client-side scripts into web pages viewed by other users.
Attack Vector: The specific path or method by which an attacker gains unauthorized access to a computer or network system.

Watch Out for These Misconceptions

Common Misconception: Only careless or unsophisticated users fall for social engineering.

What to Teach Instead

Spear phishing (targeted attacks using personalized information) has successfully compromised security professionals and executives at major organizations. Using a realistic spear phishing email crafted from a student's public social media profile (with their permission) demonstrates how credible targeted attacks can be.

Common Misconception: SQL injection is a simple, obvious attack that any developer would catch.

What to Teach Instead

SQL injection has persisted in the OWASP Top 10 vulnerabilities list for over a decade. The attack is easy to execute and remains surprisingly common in production code because input validation is easy to omit during fast-paced development. Have students audit a snippet of real open-source code for injection vulnerabilities.

Real-World Connections

  • Financial institutions like Chase Bank and Wells Fargo employ cybersecurity analysts to monitor for and defend against sophisticated attacks such as MitM and SQL injection that could compromise customer accounts.
  • Tech companies such as Google and Microsoft regularly update their software and web browsers to patch vulnerabilities exploited by XSS attacks, protecting millions of users from malicious code injection.
  • Government agencies like the FBI investigate cases of social engineering, such as phishing scams that trick individuals into revealing personal data, which can lead to identity theft and financial fraud.

Assessment Ideas

Exit Ticket

Provide students with three brief scenarios, each describing a different type of cyberattack (e.g., a user clicking a suspicious link, a database error message, a fake login page). Ask students to identify the primary attack vector for each scenario and briefly explain why.

Discussion Prompt

Pose the question: 'Why is the human element often considered the weakest link in cybersecurity?' Facilitate a class discussion where students share examples of social engineering and discuss the cognitive biases that make people susceptible.

Quick Check

Present students with a simplified code snippet that is vulnerable to SQL injection. Ask them to identify the vulnerable part of the code and write a single malicious SQL query that could exploit it in a controlled environment.

Frequently Asked Questions

What is SQL injection and how does it work?
SQL injection inserts malicious SQL commands into an input field used to build a database query. If the application passes user input directly to the query without sanitization, the malicious commands execute. For example, entering a crafted string into a login field might return all user records, bypassing authentication entirely.
What is a man-in-the-middle attack?
In a MitM attack, an attacker secretly intercepts communications between two parties, reading or modifying data before passing it along. Both victims believe they are communicating directly with each other. This is most common on unsecured networks where an attacker can position themselves between a user's device and the router.
Why is the human element considered the weakest link in security?
Technical defenses like firewalls and encryption can be nearly impenetrable, but people can be persuaded, deceived, or manipulated into bypassing those defenses. An attacker who convinces an employee to provide credentials via a convincing phone call has defeated sophisticated technical systems using a simple psychological technique.
How does hands-on lab work improve understanding of attack vectors?
Abstract explanations of SQL injection do not convey how easy these attacks are to execute or how significant their impact is. When students successfully bypass a login form in a safe environment, they immediately understand why never trusting user input is a fundamental development principle. The experience is far more persuasive than any written description.