In an effort to improve the cybersecurity status of government agencies, and strengthen their resilience against cyber attacks, The Center for Internet Security (CIS) will work with the Cybersecurity and Infrastructure Security Agency (CISA), and Akamia to pilot a Malicious Domain Blocking and Reporting Service (MDBR). The 12-month program will aid participating governments in blocking connections between their IT systems and malware-laden websites. Plans are to add an additional layer of secure Domain Name System (DNS) security to protect their applications accessing web servers and external mail servers, and to enhance their existing network defenses
Malware, ransomware, phishing, and other cyberthreats are usually spread through links in phishing emails that connect an organization’s network to malicious websites. With MDBR, domain name system (DNS) requests are channeled through Akamai servers, which then automatically compare requests against a list of known malicious websites to screen potentially harmful connections.
“MDBR is built on top of Akamai’s Enterprise Threat Protector (ETP) service, which is deployed on its platform that provides carrier-grade recursive DNS service,” said Ed Mattison, CIS executive vice president of operations and security services. “The Akamai Intelligent Edge Platform delivers up to 2.2 trillion DNS queries daily, making it a great partner for this initiative.”
The service will be free of charge to U.S. State, Local, Tribal, and Territorial (SLTT) government members of CIS’ Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).
“The MDBR service is based on proven, effective, and easy-to-deploy technology that is designed to quickly help SLTT security teams improve their current security defenses,” said Patrick Sullivan, VP and CTO of Security Strategy at Akamai. “The real-time threat intelligence in MDBR is based on Akamai’s unprecedented global visibility into web and DNS traffic, which is key to enable us to proactively defend against today’s evolving threat landscape that SLTT security teams face.”