365tips.be

The best Microsoft 365 tips on the web

Attack Simulator in Office 365 - run an attack simulation

Run Attack Simulator to address resistance to multi-factor authentication

Resistance to rolling out MFA in your organization? Earlier, I gave specific tips on how to enable MFA or Security Defaults.

In this blog, I provide concrete advice to substantiate why it's better for an organization to choose MFA. The steps below will give you a clear overview of the risks you face if you don't use Multi-factor Authentication.

Report

It is often the IT organization's role to surface and report risks, backed by actual figures. You obtain those figures by running a test with the attack simulator.

Acting on the organization's risks is an organizational responsibility. Map and record the risks so that trends can be analyzed and the necessary actions implemented.

Attack simulator

Activate a demo license of Microsoft 365 E5 via admin.microsoft.com and assign it to your current user.

Run an attack simulation that asks everyone in your organization to bring their paycheck or personal information up to date.

Obviously, you want to measure how many users enter their username and password. Usually more than 30%!

OK. Let's go! Browse to the Attack Simulator page: https://protection.office.com/attacksimulator

Launch a campaign (with a payroll update, for example).

Choose the individuals in your organization to include, preferably everyone.

Enter details that fit your organization.

Use URLs similar to your payroll or payroll processing URLs.

Enter a subject that matches the updates your organization currently sends out.

Customize the HTML file so that the email looks as good as possible and does not put off recipients within your organization.

Run the attack via Attack Simulator.

Users will receive an email like the one below.

They (hopefully not) enter their account details.

Through this URL you can monitor the test attack.

Summary

Because the attack simulation is measurable, you can report numbers that show how important an MFA implementation is.

This is not the only way credentials are breached or usernames and passwords are abused. There are other possibilities as well.
