White Paper: Effective protection in all phases of a cyber attack with Microsoft 365 Defender
- Date: 15 December, 2021
Abstract:
Introduction
Change is a constant in the never-ending arms race between hackers and cybersecurity
experts. Attacks have become more complex, common and creative, posing new challenges and
requiring better tools to tackle familiar and newly emerging threats.
While the specifics of individual attacks can vary, it is possible to identify certain patterns and
phases that apply to most cyber attacks. They generally follow the following stages:
• The reconnaissance phase. The attacker identifies a vulnerable target and figures out how to
exploit it.
• The weaponisation phase. The hacker uses the previously gathered information to find and
create ways that allow him/her to get into the target’s network. Spear phishing mails or
whaling attacks are prime examples.
• The delivery phase. Phishing mails are sent and/or ‘watering hole’ web pages are posted on
the internet.
• In the exploitation phase, the attacker starts to reap the rewards of his/her attack by
attaining passwords and usernames and infiltrating deeper into the network and IT
infrastructure of the victim