Many organizations are subject to government regulations such as
ITAR or
OFAC that prohibit any dealings with certain foreign nations. Others have countries that they will not do business with for reasons of corporate policy - because of rampant piracy or fraud for example. However with the Internet, what matters isn't always where another computer is located, at least not from the domain name it reports or the place a user fills in as its contact address. This means that, wittingly or unwittingly, devices in any organization may be connecting with other machines in locations that they are legally forbidden to have any communication with.
ThreatSTOP has always had the ability to block countries. We provide our customers with geographic-based target bundles, making it easy to do far more than just block, say, Russia. Customers can block based on specific sanctions regimes such as ITAR or OFAC, or specific areas that are known to be major sources of malicious activity. For example, our Eastern Europe Bundle blocks traffic to and from Belarus, Bulgaria, Czech Republic, Estonia, Hungary, Latvia, Lithuania, Moldova, Poland, Romania, Russia, Slovakia, Turkey, and Ukraine - countries that consistently provide far more than their "fair share" of malware because they offer lax enforcement, which in turn means they are able to provide bullet-proof hosting and other related facilities for criminals.
Countries don't necessarily stay on these lists forever though. If a country makes a clear effort to clean up its ISPs and hosting providers, it will be removed from the list. Likewise, other countries may be added if they are seen to be w ..
Support the originator by clicking the read the rest link below.
