Free Tool Helps Hospitals Block RansomwareEd Mattison of the Center for Internet Security Describes Service
To help strengthen the healthcare sector's defenses, the Center for Internet Security is offering most U.S. hospitals and healthcare delivery systems a protection service designed to help block ransomware and other malware, says Ed Mattison, the center's executive vice president of operations and security services.
The nonprofit Center for Internet Security is fully funding the offering of its protection service, known as Malicious Domain Blocking and Reporting, to private U.S. hospitals.
Last year, the free service was initially offered to U.S. public hospitals and health departments - as well as other public entities, such as county governments and K-12 public schools - through the Multi-State Information Sharing and Analysis Center, which is part of the Center for Internet Security.
Secure DNS Sevices
Malicious Domain Blocking and Reporting is a secure DNS, or Domain Naming System, service, Mattison says. "Any web requests leaving your organization - that can be in a browser, clicking on a link in an email, or a machine in your organization that has malware installed on it that is trying to 'phone home' to a malicious command-and-control center – you point your DNS server to the service that we're offering and to a specific set of IP addresses.
"Then, through our service provider, Akamai, the requests that you're making are checked against a list of known malicious sites. By simply blocking known malware domains, we can prevent many malware, ransomware and phishing attempts from being successful."
So far, about 2,000 public entities have used the service to block more than 748 million requests for known and suspected malicious web domains, which might have led to ransomware outbreaks, he notes.
In an interview with Information Security Media Group (see audio link below photo), Mattison also discusses:
- How the MDBR service can complement hospitals' other security measures and technologies;
- Incidents besides ransomware attacks that the service can help block, including potential data breaches involving third-party suppliers;
- Other top cybersecurity threats facing the healthcare sector.
As executive vice president of operations and security services at the Center for Internet Security, Mattison is responsible for providing executive leadership to advance the missions of the MS-ISAC and the Elections Infrastructure Information Sharing and Analysis Center. He also provides global security services and support to government and private sector organizations. Earlier, Mattison served as vice president of IT infrastructure, telecommunications and cybersecurity for the Guthrie Health Clinic and CISO for the University of Texas System. He also spent 24 years in the U.S. Army, retiring as a colonel in 2015.