Malicious Domain Blocking and Reporting (MDBR)
MDBR is available at no cost to U.S. State, Local, Tribal, and Territorial (SLTT) government members of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). It was designed in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and Akamai.
MDBR is a cloud-based solution that uses recursive DNS technology to prevent IT systems from connecting to harmful web domains, helping SLTTs limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain.
Once an SLTT points its domain name system (DNS) requests to the Akamai’s DNS server IP addresses, every DNS lookup will be compared against MDBR's list of known and suspected malicious domains. Attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats, will be blocked and logged. CIS will then provide reporting that includes log information for all blocked requests and assist in remediation, if needed.