With the spotlight on Cybersecurity right now with the outbreak of the WannaCry (also called WannaCrypt) ransomware, I wanted to take the opportunity to discuss blocking internet traffic from entire countries. While it will not protect you against everything, it does prevent some issues, especially attacks launched from specific regions and originating countries.
Surprisingly few businesses block traffic from other countries as part of their regular cybersecurity operations. But here is why you should.
For instance, we work with a lot Healthcare Organizations and Financial Institutions, like Credit Unions and Independent Financial Planners. Most of these businesses have a small operational footprint focusing on a specific Community, City, State, or Region. Very few of them would be getting legitimate web traffic from China, Ukraine, Belarus, Germany or France.
If a Hospital, or a Credit Union, or even your business isn’t seeking clients from any of these places, there is no reason to allow communications originating from any of these or other locations. By blocking communications from other countries, you can prevent and at least reduce your cyber-risk profile.
You’re less likely to be scanned or probed, hit with DDoS and a host of other attacks from these countries.
Yes. This is not a cure-all and will not prevent everything. You still need to have an excellent proactive and dynamic cybersecurity plan and procedures in place. So, it won’t end and prevent all threats.
Even if all you have is a small website, I bet if you or your IT guys look, you’re going to see traffic and scans from China and perhaps several other countries. It’s like locking all the doors and windows of your home or business but leaving your front door open with a sign saying come on in.
If you can, block all traffic except the traffic you want. If you are not sure of you already are doing this, ask your IT department.
If you still aren’t sure or need further assistance – CONTACT US.