Microsoft's new tool allows enterprise security teams to run mock ransomware campaign

Reading time icon 2 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Microsoft today released two new tools to help IT professionals simplify how they manage security across their enterprises. First tool is called Microsoft Secure Score which will help organizations to determine which controls to enable to help protect users, data and devices. It will also allow organizations to compare their score with similar profiles using built-in machine learning.

The second tool is called Attack Simulator which will allow enterprise security teams to run simulated attacks including mock ransomware and phishing campaigns. This will help them in learning their employees’ responses and tune security settings accordingly. They can run the following attacks for now.

  • Display Name Spear Phishing Attack: Phishing is the generic term for socially engineered attacks designed to harvest credentials or personally identifiable information (PII). Spear phishing is a subset of this attack type which is targeted, often aimed at a specific group, individual, or organization.  These attacks are customized and tend to leverage a sender name that generates trust with the recipient.
  • Password Spray Attack: To prevent bad actors from constantly guessing the passwords of user accounts, often there are account lockout policies.  For example, an account will lockout after a certain number of bad passwords are guessed for a user.  However, if you were to take a single password and try it against every single account in an organization, it would not trigger any lockouts.  The password spray attack leverages commonly used passwords and targets many accounts in an organization with the hope that one of the account holder uses a common password that allows a hacker to enter the account and take control of it.  From this compromised account, a hacker can launch more attacks by assuming the identity of account holder.
  • Brute Force Password Attack: This type of attack consists of a hacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

Learn more about this new Attack Simulator tool here.

More about the topics: Attack Simulator, Microsoft Secure Score, office 365, Office 365 Threat Intelligence