The IT Support Glossary: Cyber Security (Part I)

Introduction 

There’s a reason that cyber security is such a hot topic here on the Get Support blog: it matters. 

Whether you’re an early stage start-up or an established SME, having the right cyber security measures in place can be the difference between success and disaster. 

But if you’ve tried to understand cyber security and the various threats that are out there, you’ve probably also felt a bit overwhelmed by the sheer volume of jargon. Don’t worry – we have too. That’s why we’ve put together, in our famous plain English style, the following glossary of key cyber security terms for UK businesses. 

So let’s dive in.  

DNS Tunnelling 

DNS tunnelling is a very rare, yet incredibly sophisticated, form of cyber attack. In fact, it’s rare mostly because it’s so hard to get right. 

In plain English, DNS tunnelling relies on the “Domain Name System”, or DNS, which forms the backbone of the modern web. It’s the system which translates website links and IP addresses into readable .com or .co.uk addresses. Because the protocol is so essential for use of the web, DNS requests are allowed through any company firewall by default, making them a prime target for malicious actors. 

DNS tunnelling refers to the concept of hijacking this trusted DNS protocol to create a connection between an infected device and a malicious server.  

A user can become infected with malware (through social engineering or other methods) which then begins to send DNS requests from the infected device to the attacker’s server to create a connection, or tunnel. Because DNS requests are often allowed through any firewall, these (ostensibly legitimate) requests are sent and received unhindered, meaning the attacker can extract data from the device at will through this tunnel. 

Because this type of attack is disguised as legitimate DNS traffic, it’s very tough to detect – but it can be done with a more advanced security system such as an Endpoint Detection and Response platform.  

Honeypot 

Now let’s look at the most intriguingly named of this particular collection of tech jargon: the honeypot.  

Quite unlike many of the others in this glossary, a honeypot is in fact a cyber security countermeasure. Its goal is to lure in unsuspecting cyber criminals so as to convince them that their attack has been successful. 

The cyber security honeypot is used by organisations to help distract from genuine systems, to give them a chance to better understand cyber criminal tactics, and to gain insight on how to improve their cyber security systems.  

Man-in-the-Middle (MITM) attack  

A Man-in-the-Middle (MITM) attack is another cyber security term which is wonderfully descriptive. In this type of attack, a criminal will actually intercept sensitive data while it’s moving from one place to another. For example, a common MITM attack might be a cyber attacker who spies on someone’s instant messaging software and is able to either steal data directly or alter that data before it’s delivered.  

Man-in-the-Middle attacks used pose a significant risk for businesses, but with end-to-end encryption now standard on most digital communication systems, it’s become less of a problem over time.  

Smishing 

SMS phishing, often stylised as “SMiShing” is a form of attack which uses text messages as the vector.  

You will probably have seen these on your own mobile phone, with criminals masquerading as delivery couriers, the government, and other official bodies. They’ll generally attempt to extort specific personal information from you or your business either via a reply or with a link to a fake website. If smishing attacks include phone numbers, these are usually set up via VoIP so that the number cannot be traced to a physical location.  

Spear phishing 

Spear phishing, as the name suggests, is a more targeted form of classic phishing attacks.  

Rather than simply sending mass emails or other forms of communication to a group of employees, a spear phishing attack will focus on one particular individual in a company. The individual doesn’t necessarily need to be a high-ranking individual (there’s another name for that which we’ll get to shortly), but simply someone the attackers have identified as being vulnerable to a phishing attempt.   

Spear phishing can be a very sophisticated attack which uses personal knowledge of the individual to convince them that the email (and the request it contains) is legitimate. Of course, any links or attachments included in such emails will be fraudulent, with the goal of either stealing personal data or infecting the target’s device with malware.  

Whaling 

Continuing the marine theme of cyber security issues is our next form of attack: whaling. 

Similar to spear phishing, whaling is a cyber attack which focuses on just one person, but even more specific. The ‘whale’, or the big fish, in this context is usually a member of a company’s high-level management team – such as the Managing Director or CEO. Whaling relies on this individual’s access to all areas of a business to enhance the chances of making a successful attack in terms of access to data or finances.  

Whaling is one of the most common reasons that C-suite employees suffer from hacking attempts, making education on the issue all the more important for high-ranking employees.  

Vishing 

Vishing might be an unusual word, but the actual attack itself is something you’re sure to recognise: it’s a classic phone scam.  

Vishing – or ‘voice phishing’ – refers to a scammer attempting to extort personal details, data, finances, or anything else by using a telephone conversation. This type of attack relies on social engineering to convince the target on the phone that the scammer is someone of authority. Once trust is established, the scammer can manipulate the person to do whatever they want them to – and that can spell big trouble for SMEs.  

Looking for help with IT support and cyber security? 

With Get Support, you don’t just get access to a growing team of IT support experts who can help you change passwords, configure security policies, set up new users, and more.  

You also get decades of combined experience working with SMEs across the UK to build out robust and reliable cyber security protection systems and processes.  

If you’d like to know more about what our team could do for your team, just call us today on 01865 594 000 or fill in the form at the bottom of this page.