We are members of CIS, Center for Internet Security, (Multi State Information Sharing and Analysis Center), a government subsidized security organization. User credentials are in 1password. One of the benefits is a security service called Malicious Domain Blocking and Reporting (MDBR). It is a DNS service that stops known threats from becoming resolved into IP addresses (or if it is a known bad IP address). This organization, since it is government supported, gets up to date threats and zero-day threats updated instantaneously. Also, all other government organizations, universities, schools, and businesses that are members benefit from any threats all these organizations receive, to benefit other members. The aggregate data shows that many of the threats were stopped by this service as opposed to firewalls and other cyber security measures. Many firewalls and cyber security software vendors were not able to identify some threats, but MDBR DNS service was updated and blocked these threats from every being accessed by a workstation.
"CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. elections offices."
CIS has our IP ranges for DQE and CrownCastle, which is required to allow us to use the service. Please click here for the setup instructions.
"MDBR technology prevents IT systems from connecting to harmful web domains, helping limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain." You can learn more about it here: https://www.cisecurity.org/ms-isac/services/mdbr
To test to see if it is working, go to these sites below. The screenshots below are the pages you will receive to confirm the service is working:
• CnC: akamaietpcnctest.com
• Phishing: akamaietpphishingtest.com
• Malware: akamaietpmalwaretest.com