A recent research has shown that 96% of social engineering attacks are delivered by email, while just 3% arrive through website, and just 1% are associated with phone or SMS communications and malicious documents respectively. Microsoft attack simulator allows you to run realistic simulated attacks against your environment to determine vulnerabilities with your users and determine proactive mitigation.
The idea behind the attack simulation training feature, is for the IT departments to set up the delivery of simulated phishing e-mails in an organization and get information on end user responses to them. If your organization has Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2, which includes Threat Investigation and Response capabilities, you can use Attack simulation training in the Microsoft 365 Defender portal to run realistic attack scenarios within your organization.
Supported Simulated Attacks:
The tool supports the three following types of simulated attacks as of today, according to this Microsoft’s documentation here:
- Spear-phishing attack: While phishing tactics may rely on shotgun methods that deliver mass emails to random individuals, spear phishing focuses on specific targets and involve prior research. Read more
- Password-spray attack: A Password Spraying Attack is a type of brute force attack where a malicious actor attempts the same password on many accounts before moving on to another one and repeating the process. (one password against many accounts) Learn more
- Brute-force password attack: A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page. (many passwords against one account). See more
Attack Simulation Insights
Microsoft provides you with insights based on outcomes of simulations and trainings that employees went through. These insights will help keep you informed on the threat readiness progress of your employees, as well as recommend next steps to better prepare your employees and your environment for attacks. The recommendations are based on the payload used in the simulation, and will help you protect your employees and your environment.
When it comes to licensing, below you can see in which plan is included Attack Simulator:
In conclusion, while the whole simulation creation and scheduling experience has been designed to be free-flowing and frictionless, running simulations at an enterprise scale often requires planning.
Reach out VNEXT experts here to support you during the process to secure your organization.