In a cybersecurity context, what does 'whaling' refer to?

Prepare for the Professional Security Institute Exam with our comprehensive quiz. Challenge yourself with multiple choice questions and detailed explanations. Enhance your knowledge and readiness for certification success!

'Whaling' specifically refers to phishing attacks that target high-profile individuals within an organization, such as executives or other senior officials. The primary goal of these attacks is to exploit the significant access and authority that these individuals have within a company. By targeting these "big fish" or "whales," attackers aim to gain sensitive information or financial access, or to initiate unauthorized transactions, which makes these phishing attempts particularly dangerous and potentially damaging to an organization.

The term comes from a fishing analogy: "whaling" is an attempt to catch larger and more valuable targets, whereas ordinary phishing is more generalized and indiscriminate. High-profile individuals often have access to more sensitive information, making them prime targets for such attacks. By employing social engineering techniques tailored to these individuals' roles and responsibilities, attackers can craft more convincing and effective phishing messages.

In contrast, the other options do not accurately represent 'whaling.' Shutting down a company’s website pertains to denial-of-service attacks rather than phishing. Securing physical storage units relates to physical security rather than cyber threats. Monitoring web traffic is a security measure for identifying potential vulnerabilities but does not involve the targeted approach that characterizes whaling.
