Carl Mazzanti is the president of eMazzanti Technologies in Hoboken.
E-commerce has been celebrated for empowering businesses – even small ones – to easily connect with existing and potential customers locally and internationally. However, sometimes too much of something good can lead to negative consequences.
That is what happened when an Essex County municipality’s website allowed anyone to log in, regardless of their location. In theory, this open e-door policy would help the municipality position itself as an attractive location to live, work or play; potentially attracting visits and capital from a global audience.
The move did attract attention, but the visitors included some state-sponsored hackers who tried to extort money by seizing control of municipal bank accounts. Fortunately, local officials quickly contacted the FBI, Homeland Security, and other agencies. They also put out an RFP (Request for Proposal), seeking help to secure their systems.
eMazzanti Technologies answered the RFP and helped secure their systems. After accomplishing that, eMazzanti set out to bolster their cyber defenses and — in addition to recommending a customized suite of antivirus programs, password enhancements, and other security measures — advised the locality to set up a geofence.
Securing The Perimeter
Geofencing is a firewall-based feature that automatically looks at the IP address of incoming traffic or network requests, which is tied to a physical location. It identifies where the traffic originated and allows users to set up a digital barricade, blocking network traffic from specific locations.
At a time when state-sponsored hackers were increasingly targeting U.S.-based operations, the FBI logged more than 791,790 reports of suspected internet crime. The agency announced losses exceeding $4.2 billion in 2021, and New Jersey ranked No. 9 in number of victims. Geofencing can play a key role in setting up effective cyber-defense.
For a municipality or a business that does not regularly conduct international transactions, it may be reasonable to set up a geofence that locks out all traffic originating from outside the United States. Such a geofence generally will not keep cross-border traffic from discovering the website, but it will prevent that traffic from accessing the organization’s files. So if a legitimate player wants to do business with the U.S.-based entity, they can still reach out through other means, like a phone call.
Geofencing is not limited to just blanket-blocking international outsiders. If a legitimate user located in Europe attempts to log into the server of a U.S.-based business, a geofence can be programmed to trigger a set of challenge questions that must be answered correctly to authenticate their identity before they are granted access.
In addition to challenge questions, geofences can be configured to limit access privileges based on the login attempt’s locational origin. Defensive moves like these may be critical in helping safeguard sensitive credentials which, once breached, may end up being sold on the Dark Web and used by hackers from anywhere around the globe.
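The three behaviours described above (blanket block, challenge questions, and reduced privileges by origin) can be expressed as one policy lookup. The sketch below is an added example, not code from eMazzanti or any firewall product; the geo-IP table uses documentation-only address ranges, and the country codes, privilege names and function names are assumptions made for illustration.

```python
import ipaddress
from enum import Enum

class Action(Enum):
    ALLOW = "allow"
    CHALLENGE = "challenge"   # ask challenge questions before granting access
    BLOCK = "block"

# Constructed geo-IP table (RFC 5737 documentation ranges, not real allocations).
# A real firewall loads this mapping from a regularly updated geo-IP database.
GEO_TABLE = [
    (ipaddress.ip_network("192.0.2.0/24"), "US"),
    (ipaddress.ip_network("198.51.100.0/24"), "DE"),
    (ipaddress.ip_network("198.51.100.128/25"), "US"),  # more specific entry wins
    (ipaddress.ip_network("203.0.113.0/24"), "XX"),     # hypothetical unlisted region
]

# Hypothetical policy: country -> (action, privileges granted once logged in).
POLICY = {
    "US": (Action.ALLOW, {"read", "write", "admin"}),
    "DE": (Action.CHALLENGE, {"read"}),
}
DEFAULT = (Action.BLOCK, set())  # fail closed for unlisted or unknown origins

def country_of(ip):
    """Longest-prefix match of the source address against GEO_TABLE."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, cc) for net, cc in GEO_TABLE if addr in net]
    return max(matches)[1] if matches else None

def decide(ip):
    """Return (country, action, privileges) for a connection's source IP."""
    try:
        cc = country_of(ip)
    except ValueError:           # malformed address: treat origin as unknown
        cc = None
    action, privileges = POLICY.get(cc, DEFAULT)
    return cc, action, set(privileges)

if __name__ == "__main__":
    for src in ("192.0.2.10", "198.51.100.5", "203.0.113.9", "10.1.2.3"):
        print(src, decide(src))
```

The decision is only as good as the address it is given: the source IP identifies the last hop, so a login relayed through a U.S.-based VPN or proxy is treated as U.S. traffic, which is why the challenge and privilege tiers sit alongside the other controls rather than replacing them.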
A Versatile Application
Properly designed, a geofence can help shield an organization from massive Distributed Denial-of-Service (DDoS, also known as Denial of Service, or DoS) attacks that aim to shut down machines or networks by overwhelming them with traffic from multiple infected systems — using a botnet — and denying access to legitimate users. DDoS attacks are often unleashed from countries outside the U.S. Even if nothing is breached, an organization’s network may go offline simply because the system can’t keep up with the thousands or millions of requests. With some reports indicating that the number of DDoS attacks is expected to reach more than 15 million a year by 2023, geofencing can act as a kind of blanket coverage that will protect the network and data of an organization.
In one scenario, several bots could attack from Eastern Europe — similar to the recent massive DDoS attacks against Ukraine. Instead of depending on the firewall to identify and combat each attack individually, a geofence with appropriate security policies could simply block the attacks from those geographical areas, regardless of the number of individual IP addresses that the attacker may utilize.
Besides offering another layer of protection against DDoS and other malicious attacks, geofencing may also deliver efficiencies to local businesses by deflecting unnecessary digital traffic. A local contracting business that hosts its website through an on-premises server, for example, may not operate beyond a circumscribed geographical area. But without geofencing, unwanted Web-based traffic from distant locations could devour much of the company’s bandwidth, resulting in server-response slowdowns. In a case like this, an organization’s geofence can be set to filter selected geographical areas without completely blocking them so their bandwidth usage will be limited and the organization’s activities won’t experience slowdowns.
As more organizations of all sizes take advantage of the many benefits of cloud computing, or on-demand delivery of IT resources over the Internet, their exposure to outside influence — from DDoS and other kinds of attacks to innocent but cumbersome traffic that reduces bandwidth — will continue to increase. Fortunately, competitively priced solutions like geofencing can mitigate the risk.