Free MDBR Service Helps Small Governments Block Malicious Domains
The Cybersecurity and Infrastructure Security Agency (CISA) and the Center for Internet Security (CIS) have teamed up to provide free Malicious Domain Blocking and Reporting Service (MDBR) to small governmental organizations. The service uses security vendor Akami Technologies to block harmful websites that contain ransomware, spyware, and other malicious code.
The MDBR service is available for U.S. State, Local, Tribal, and Territorial (SLTT) government members of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).
The goal of the pilot program is to reduce successful malware, ransomware, phishing, and other cyber attacks on IT networks used to administer state and local elections. The program is intended to help governmental organizations secure their networks in preparation for the November 2020 general election.
How does malware spread on a network?
Malware is commonly spread to an IT network through phishing emails, compromised USB flash drives, and downloads from malicious domains. Remote Desktop Protocol (RDP) which is a legitimate method for corporate tech support to help employees with computer problems can also be exploited to remote control a computer.
How MDBR works
MDBR blocks the initial connection to domains known to contain malware. Any attempts to access harmful domains that are already associated with malware, spyware, phishing, ransomware, and other cyber attacks are blocked preventing the user from infecting their own computer.
“Once an organization points its domain name system (DNS) requests to the Akamai’s DNS server IP addresses, every DNS lookup will be compared against a list of known and suspected malicious domains,” states the CIS website.
Akamai’s Enterprise Threat Protector (ETP) service is incorporated into the MDBR Services and is available as a pilot program through next June.
This free program is available to any participating organization. It requires no security updates or other maintenance. All security and systems maintenance is provided by CIS and Akamai.
“Akamai provides all logged data to the CIS Security Operations Center (SOC), including both successful and blocked DNS requests. This data will be utilized to perform detailed analysis and reporting for the betterment of the SLTT community and for organization-specific reporting for each SLTT organization that implements the service. CIS will provide regular reporting and intelligence services for SLTT members,” says CIS
The Center for Internet Security (CIS) is a federally funded nonprofit.
How to Sign Up for CIS MDBR
Existing MS- and EI-ISAC members can sign up for no-cost MDBR by registering on the website
The free MDBR pilot period ends on June 30, 2021.