Blocking the Big Ten

The folks over at countryipblocks.net bring up an interesting question:  Does your local network really need to allow access to hackers located 12,000 miles away from you? 

Nearly 80% of all harmful or malicious Internet traffic comes from “The Big Ten.”  These are countries that include China, Brazil, Russia, India, Korea, Viet Nam, Ukraine, Turkey, Italy, and Argentina.  These are countries where great computer engineering talent is produced, but at the same time lack the local jurisdiction to respond to cybercrimes quickly and adequately.

Thanks to hackers from The Big Ten, you need to have a great deal of money, knowledge, and resources to protect your websites from the malicious traffic that originates in these countries.  Firewalls, encryption, antivirus, and security guarded systems are all part of the ongoing struggle to keep your enterprise safe.

But maybe there is an easier way.  As countryipblocks.net and other sites like it advocate, you could just block all visitors from The Big Ten by blocking the IPs of those countries.  If they can’t access your local network or your website, then they can’t cause any trouble.

It’s not that hard to do and there are several websites that instruct you how to create .htaccess files that will block IPs from countries of your choosing for your webserver (if you are running apache) or you can simply block them at your firewall. Whatever works for you.

This may be a simple and ideal solution for companies that have no reason to do business with The Big Ten, are not global companies, or that simply deem any business generated by those countries to be not worth the expense in IT security it requires to allow their traffic.

But it does seem a little unfair to “punish” an entire country because of the misdeeds of a few sordid cyber criminals, doesn’t it?  Some consider blocking countries by IP overkill when it’s better to understand the attacks made by these countries and work out a solution from there.

Also, blocking The Big Ten cannot be an alternative to an effective security policy.  Attacks can still come from that remaining 20%, and even right here in the US where your biggest market exists (Many botnet servers are actually located WITHIN the US).  Absent security would make your website a sitting duck in the face of inevitable attacks.

Related posts

• Server Hack Leads to Data Loss, Suicide (0)
• Hackers to VAServ: “it was ur own stupidity and excessive passwd reuse” (0)
• Understanding Your Attackers with a Honeypot (0)
• Printers Are Not Just Dumb Peripherals (1)
• HackersBlog – White or Black Hat? (0)

Tagged as: antivirus, big 10, big ten, brazil, China, country blocking, cyber criminals, Hackers, hacking, htaccess files, India, information technology, IP blocking, IT, IT Security, Italy, nation blocking, russia, security, Turkey, Ukraine