C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
Does Malware Have Citizenship?
In talks with information security professionals at security conferences, user group events, and customer sites, Chester Wisniewski frequently fields questions about country-based blocking as a network defense tactic. Though he couldn’t find any published data to confirm his assumptions, “I couldn’t see any meaningful correlation between the countries from which traffic originates and attack patterns,” said Wisniewski, a principal research scientist at Sophos. So, in 2018, leveraging petabytes of malicious samples captured by SophosLabs, he launched his own project to determine if region-blocking was a practical weapon for slashing malware volumes. In his CyberCrime Symposium keynote, he detailed his findings and how attendees could apply the information to better defend their networks. Malicious Matters. For his research, Wisniewski analyzed a month’s worth of malicious data. Beyond segmenting threats by type and location, he wanted to drill-down to identify the countries of traffic origin, autonomous systems (ASs) — blocks of IP addresses controlled by ISPs and other large network operators — and sketchy ISPs.
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.