Many security pros working in corporate environments routinely block access to sites on the Internet, for security reasons. The time has come to take the fight to the places that harbor spies and thieves.
|It’s Time To Block Russia And China|
We reached the enough-is-enough tipping point after seeing Network World discuss a Russian Trojan stealing money from commercial bank accounts. Victims include customers in the US, the UK, Spain, and Italy. Don Jackson, senior security researcher at SecureWorks, rapped Russian law enforcement for its laxness at targeting online criminal groups.
This particular Trojan infects machines visiting websites that deliver the malware through an iframe. Spear phishing has been used to entice people to browse such sites.
Couple this news with the ongoing reports of Chinese espionage, including one embarrassing incident involving the Department of Homeland Security, and we have to ask security pros in the enterprise world this question:
Why are you letting hardware make connections with IP addresses in the relevant netblocks for China or Russia?
Unless there is an absolute business need for employees to visit sites in these countries, we are hard-pressed to see a reason to let people actively or unknowingly hit potentially malicious sites in countries that have demonstrated over and over they cannot or will not crack down on Internet criminal actions.
Or in China, where state sponsored hackers labor at the pleasure of the central government, grabbing data from corporate and government computers. Is the government going to crack down on itself?
Criminals and spies need access. The US government has been ineffective at compelling Russia and China to do something about the respective problems. Security pros may need to force the issue at the gateway, by logging into the routers and just saying nyet to the netblocks of countries known to harbor these threats.