Defence against vishing

A single phone call can bring down your network, warns Alan Stewart-Brown at Opengear; here’s how to prevent it

 

Following a series of reported cyber-incidents at prominent UK retailers, the National Cyber Security Centre urged organisations to be alert for fraudsters calling internal support lines while posing as IT staff. Public reports on the attacks describe callers requesting urgent password resets. Security analysts label this technique “vishing”: voice-based phishing that relies on urgency and credible technical language, rather than malware.

 

If confirmed, these breaches underline a growing trend: Social engineering is fast becoming one of the most effective ways for cyber-criminals to gain access to corporate networks. This is also reflected in CrowdStrike’s 2025 Global Threat Report, which recorded a 442% jump in vishing between the first and second half of 2024, a figure no security leader can ignore.

 

This escalating threat comes at a time when experienced network engineers are retiring or moving on, leaving slimmer teams to manage complex systems and spot subtle signs of an attack. Social engineering preys on human weaknesses; every gap in experience widens the attack surface. Less experienced employees may miss sophisticated pretexting or unusual help-desk requests that should raise red flags.

 

Without strong human oversight, attackers can exploit simple password reset processes to gain access. Once inside, they can move laterally, deploy ransomware, or disrupt critical services long before an alert is raised. The financial hit, millions in recovery costs and regulatory fines, is serious. Yet the greater damage is lost trust. Customers and partners rarely forget avoidable downtime.

 

A practical approach to resilience

To tackle both rising social engineering and fewer skilled engineers, businesses require security solutions that reduce reliance on manual effort. One pragmatic defence is to manage the network via a pathway an adversary cannot easily reach. A Smart Out of Band (OOB) layer isolates the management plane from production traffic and stays available even when the primary network is disrupted. This secondary channel allows engineers to verify user identities with code words or digital certificates, thereby blocking attempts to trick help-desk staff during password resets.

 

It also enables more rapid containment when suspicious activity appears. Instead of scrambling to adjust firewall rules over the compromised network, the team can pivot to the OOB link, fence off suspect equipment, and roll back settings without touching the infected path configurations. Fast containment keeps minor incidents from becoming headline events.

 

For understaffed teams, these capabilities automate a wide range of time-consuming manual steps, thereby easing pressure and speeding up response. Automation plays a key role as well. By linking alerts to threat intelligence feeds, systems can flag risky logins (such as an admin account accessing from an unusual location) and automatically enforce lockdowns.

 

These approaches might include temporarily disabling network ports or remotely power cycling compromised devices. This means even a single engineer handling multiple incidents has a reliable first line of defence, buying time to investigate calmly without letting threats spread.

 

Secure access from anywhere

Secure remote management also supports the flexible workstyles common today. As hybrid and remote work has become the norm, engineers now diagnose faults from homes, hotels, and customer sites.

 

Without a hardened, secure, remote OOB connection, they waste time reconnecting through VPNs, or risk exposing sensitive interfaces to the internet. By contrast, a dedicated network management channel supplies the reach and reliability remote staff need. Wherever they open their laptop, they connect through a channel built for sensitive commands.

 

With that assurance, they can push firmware updates, capture logs or shut down a misbehaving router in minutes. Field travel decreases, mean-time-to-repair falls, and the business gains resilience without adding headcount.

 

Integrating secure management with wider security tools enhances protection still further. Connecting Smart OOB platforms to SIEM systems effectively links console-level alerts with network-wide telemetry, thereby delivering a clear, unified view of threats. This comprehensive approach means that no suspicious activity goes unnoticed, even on rarely accessed ports.

 

Closing the gap

Combining OOB management with automation creates a strong cycle of resilience, even in a rapidly changing threat landscape. Engineers get secure processes that block social engineering, while automated defences cover talent shortages.

 

Separating the control plane, backing it with responsive automation, and fusing it with unified visibility introduces a fail-safe, even if a ‘visher’ persuades an employee, an independent barrier still stands. For lean teams, that structure turns a single phone call from potential catastrophe into a quickly contained anomaly.

 

By embedding secure, automated management paths into their infrastructure, organisations can shrug off shocks, restore services swiftly, and preserve customer confidence, no matter how convincing the next fraudster sounds.

 

---

 

Alan Stewart-Brown is VP EMEA at Opengear

 

Main image courtesy of iStockPhoto.com and Tero Vesalainen