The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist U.S.-based private hospitals with ransomware and cyber-attacks for free. CIS, a not-for-profit entity, “is fully funding this for private hospitals at no cost, and with no strings attached, because it’s the right thing to do, and no one else is doing it at scale.” According to the announcement, the product is designed as a ransomware protection service and a “no-cost cyber defense for U.S. hospitals.”
CIS teamed up with Akamai to offer its Enterprise Threat Protector software to proactively identify, block and mitigate targeted ransomware threats. The service was previously available (and is still) to public hospitals and health departments through the Multi-State Information Sharing and Analysis Center (MS-ISAC), and according to CIS, over 1,000 government entities have used the product through MS-ISAC. To date, MDBR has blocked almost 750 million requests for access to malicious domains. If an organization uses MDBR, the software will cross-check the request with its database of known and suspected domains and “attempts to access known malicious domains associated with malware, phishing, ransomware, and other cyber threats will be blocked and logged.” The logged data are then analyzed, aggregated reporting is made available for the benefit of the hospital community, and remediation assistance is provided as appropriate.
CIS is now offering the service for free not only to public entities and governmental agencies, but to private hospitals, multi-hospital systems, integrated health systems, post-acute facilities and specialty hospitals. Sounds like a great opportunity for hospitals and facilities to add another tool in their toolboxes to combat ransomware and other cyber-attacks. For more information and to sign up, the CIS website is available here.