Controls for avoiding Brute force attack on O365 email

uday nair 1 Reputation point
2023-07-13T02:26:09.3+00:00

We are facing a brute force attack on O365 email. There are multiple sign-in attempts on multiple user IDs from multiple locations. We are worried it might turn into a Denial of Service attack. Is there any solution for this? Kindly help urgently.

Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.

1 answer

  1. Marilee Turscak-MSFT 37,141 Reputation points Microsoft Employee
    2023-07-13T22:53:35.4933333+00:00

    Hi @uday nair ,

    Thanks for your post! I'm sorry to hear that you are facing an issue with brute force attacks and worrying about the possibility of a Denial of Service attack. There are several options you could implement to mitigate this risk.

    In Azure AD, Smart Lockout is a great way to safeguard against brute force attacks. If you enable Smart Lockout, accounts will be locked by default for one minute after 10 failed attempts to sign in. You can also configure the threshold to lock accounts after fewer attempts. After subsequent failed attempts, the lockout period increases.

    For email threats specifically, Microsoft Defender for Office 365 offers protection against advanced attacks, including phishing, brute force attacks, and ransomware. It has been used to block billions of brute force attacks and phishing emails. It offers network throttling to protect Office 365 infrastructure and customers from Denial of Service attacks by limiting the number of messages that can be submitted by a specific set of infrastructure.

    In addition, implementing MFA for your users and applying conditional access policies will make it harder for bad actors to break through, since users would be required to perform multiple forms of authentication.

    See also: Microsoft Denial of Service Defense Strategy

    If the information was useful to you, please Accept the answer. This will help us and improve discoverability for others in the community who may be researching similar questions.

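An added example, not part of the original answer and not Microsoft's code: a triage script over exported Azure AD sign-in records that flags accounts reaching the Smart Lockout default of 10 failed attempts and, going beyond the answer, source IPs failing against several accounts. The records, addresses, the `triage` helper and its `spray_users` and `window` values are constructed assumptions; the field names and error codes 50126/50053 follow the Azure AD sign-in log format.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BAD_PASSWORD = 50126  # Azure AD sign-in error: invalid username or password
LOCKED_OUT = 50053    # Azure AD sign-in error: account locked after repeated failures

def _parse(ts):
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def triage(records, lockout_threshold=10, spray_users=3, window=timedelta(minutes=10)):
    """Return (accounts at/over the lockout threshold, IPs failing against many accounts)."""
    by_user, by_ip = defaultdict(list), defaultdict(list)
    for r in records:
        if r["status"]["errorCode"] in (BAD_PASSWORD, LOCKED_OUT):
            ts = _parse(r["createdDateTime"])
            by_user[r["userPrincipalName"]].append(ts)
            by_ip[r["ipAddress"]].append((ts, r["userPrincipalName"]))
    hot_users = set()
    for user, times in by_user.items():
        times.sort()
        # Sliding window: lockout_threshold failures that all fall inside `window`.
        for i in range(len(times) - lockout_threshold + 1):
            if times[i + lockout_threshold - 1] - times[i] <= window:
                hot_users.add(user)
                break
    spray_ips = set()
    for ip, hits in by_ip.items():
        hits.sort()
        # Distinct accounts hit from this IP within `window` of any starting failure.
        for i, (start, _) in enumerate(hits):
            if len({u for t, u in hits[i:] if t - start <= window}) >= spray_users:
                spray_ips.add(ip)
                break
    return hot_users, spray_ips

def _rec(user, ip, minute, second, code):  # builds one constructed sign-in record
    return {"userPrincipalName": user, "ipAddress": ip,
            "createdDateTime": f"2023-07-13T02:{minute:02d}:{second:02d}Z",
            "status": {"errorCode": code}}

# Constructed sample data (documentation IP ranges, example.com accounts).
SAMPLE = (
    [_rec("alice@example.com", "203.0.113.7", 0, s, BAD_PASSWORD) for s in range(0, 50, 5)]
    + [_rec(u + "@example.com", "198.51.100.9", 1, i, BAD_PASSWORD)
       for i, u in enumerate(["bob", "carol", "dave"])]
    + [_rec("erin@example.com", "192.0.2.4", 2, 0, 0)]  # errorCode 0 = success
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The per-account count only approximates Smart Lockout, so treat the output as a list of accounts and addresses to review, not as a record of which accounts were actually locked.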
