A leading internet non-profit is offering US hospitals a free DNS security tool designed to help protect them from ransomware and other threats.
The Center for Internet Security (CIS) announced on Friday that its Malicious Domain Blocking and Reporting Service (MDBR) would be made available at no cost to all non-public hospitals.
The MDBR works by monitoring and blocking any outbound DNS traffic headed for suspicious domains.
“Once an organization points its domain name system (DNS) requests to Akamai’s DNS server IP addresses (primary and secondary), every DNS lookup will be compared against a list of known and suspected malicious domains,” CIS claimed.
“Attempts to access known malicious domains such as those associated with malware, phishing and ransomware, among other threats, will be blocked and logged. Accepted and blocked DNS request logs will be stored for a period of 30 days.”
CIS will provide weekly reports for users of the service to show accepted and blocked requests, and said it will also help with remediation where needed. However, users will not be able to log-in to the Akamai portal and download logs directly as these will come at a cost.
As for that list of known bad domains, CIS said Akamai maintains it with the latter’s own and third-party threat intelligence feeds, as well as publicly available information including WHOIS and domain registration details.
“All of this data is analyzed using proprietary algorithms that can quickly identify malicious domains contained in this large volume of data,” CIS continued.
“Additionally, the Akamai threat research team further analyzes the data sets, as there are certain types of threats that an automated machine learning process will not easily detect.”
CIS claimed that switching on the service would take a matter of minutes for participating hospitals. They would be well minded to sign-up given the increase in threat activity launched against the sector during 2020.
Healthcare data breaches increased 55% year-on-year in 2020, impacting over 26 million patients, according to Bitglass. Sophisticated customized ransomware attacks have been particularly mercenary given the work hospitals are doing on the frontline fight against COVID-19.