Microsoft provides new defense capabilities for Defender for Office 365. The solution can now repel so-called email bombing attacks.
Microsoft Defender for Office 365 can now protect companies against email bombing attacks. These are attacks similar to DDoS campaigns. Criminals flood an organization’s mailbox with an abundance of emails. The emails themselves are not necessarily malicious, but the volume can overwhelm the mail server and certainly causes legitimate emails to disappear under the deluge of irrelevant messages.
Defender for Office 365 will now detect and block such attacks. Microsoft automatically activates the new setting. Administrators don’t need to tweak any settings. Emails recognized as part of an email bombing campaign automatically disappear into the spam folder.
Rollout
Microsoft started rolling out the functionality in June and expects to be completely finished by the end of July. Analysts and administrators can work with the Mail Bombing detection type in the Email entity page, the summary screen, and Advanced Hunting.
Microsoft continues to fine-tune its own security suite. Defender for Office 365 was formerly known as Office 365 Advanced Threat Protection and is specifically aimed at enterprises that desire an extra layer of security. The name is somewhat dated, as Microsoft has phased out the Office 365 brand in favor of Microsoft 365, with or without the Copilot suffix.