Combatting Global Hackers Is Ip Blocking The Best Solution

Combatting Global Hackers: Is IP Blocking the Best Solution?

Arraya Insights | September 9, 2014

Police departments, health service providers, even the Nuclear Regulatory Commission have all fallen victim to attacks from foreign-based hackers recently.

This rise in digital espionage and thievery from overseas hackers has forced IT leaders from all kinds of companies – even those that don’t have a global presence – to expand their security concerns.

But what’s the best way to ward off cyber threats from abroad?

For some companies, the answer is shutting those countries out completely. Companies ratchet up their firewall settings and simply block IPs based out of parts of the world they don’t plan on doing business with any time soon.

However, this strategy might still be leaving organizations vulnerable.

Many of these attacks will start on foreign soil, but they are routed through so-called zombie PCs located right in the US. Just like that, hackers are able to evade the nets companies have set up for their IP addresses.

Beyond that, it could leave companies’ own road warriors high and dry in the event that business plans change and a traveler finds him or herself in one of those blocked areas, trying to access webmail.

Blocking specific countries’ IP addresses can be ineffective as a primary defense and it can also be clunky. Telling a device not to accept anything from China, Russia or whoever comes with a hefty amount of syntax and can add dozens of extra pages to the configuration.

Attacks continue to get even more sophisticated and hackers have varied the arsenal of weapons at their disposal in order to keep companies – and their security teams – on their heels.

Instead of focusing heavily on defending the point of entry into a system, companies would be better served by making IP blocking just one facet of a multi-phased security plan, like the one offered by Cisco. This security model covers the entire attack continuum, protecting companies before, during and after the attack has ceased.

  • Before an attack, Cisco can assist companies with reinforcing and hardening their systems against intrusions with the help of sturdy firewalls and advanced VPN connections. Network overseers are empowered to authenticate, authorize and evaluate wired, wireless, and remote users before they gain access to a company’s network.
  • During an attack, companies have the ability detect, block, and defend against unwanted system invasions with the help of Next-Generation Intrusion Prevention Systems as well as innovative email and web security tools.
  • After an attack has been thwarted, companies can get back up and running again with confidence thanks to Cisco’s Advanced Malware Protection and network behavior analysis. This allows IT pros to analyze the scope of the attack, contain any lingering trouble spots and limit the harm done.

Arraya Solutions can help your company bolster its defenses against hackers – both foreign and domestic. IT leaders will be able to rest assured their company won’t be the next to find itself in the headlines due to a data breach. Visit www.ArrayaSolutions.com to learn more about how you can protect yourself.

Upcoming Cisco Webcast: Security Beyond Traditional Defenses
Tuesday, September 16th @ 12:00 p.m. EST
During this webcast you’ll hear about the future of network security from Christopher Young, SVP of the Cisco Security Business Group. Learn how you can truly get advanced threat protection across the entire attack continuum: before, during, and after an attack.