Malicious Domain Blocking and Reporting for U.S. Hospitals


With the increasing industry shift to electronic health records and other digital technologies, cybersecurity has become a strategic priority for the healthcare industry. Cyber-attacks against hospitals and other healthcare facilities can put patient safety at risk by locking critical systems and records. In some cases, these attacks can result in patient care being delayed or cancelled. During the COVID-19 pandemic, ransomware has emerged as the largest cyber threat facing healthcare facilities, resulting in data theft and the disruption of healthcare services.


Cyber Defense for U.S. Hospitals

The Center for Internet Security®, in partnership with Akamai, is offering the Malicious Domain Blocking and Reporting (MDBR) service to all public hospitals and related healthcare organizations in the United States. This service provides an additional layer of cybersecurity protection that is proven, effective, and easy to deploy.

MDBR is a fully-managed proactive domain security service, with CIS and Akamai fully maintaining the systems required to provide the service. Once an organization points its DNS requests to Akamai’s DNS server IP addresses, every DNS lookup will be compared against a list of known and suspected malicious domains. Attempts to access known malicious domains associated with malware, phishing, ransomware, and other cyber threats will be blocked and logged.

The logged data is then provided by Akamai to CIS’s Security Operations Center (SOC). The SOC uses this data to perform detailed analysis and aggregate reporting for the benefit of the hospital community, as well as organization-specific reporting and intelligence services. If circumstances require, remediation assistance is provided for each organization that implements the service.


Four Benefits of MDBR

  • Proactively identifies and blocks malware, ransomware, and phishing attacks
  • Provides real-time reports
  • Custom configurations
  • Off-network device protection

Independent hospitals

Multi-system hospitals

Hospital-based integrated health systems, meaning an organization, consisting of one or more hospitals plus at least one or more groups of physicians, that provides a continuum of care and that are connected to each other through joint ownership or joint management

Post-acute patient care facilities

Psychiatric, rehabilitation, or other specialty hospitals

Cybersecurity as a Strategic Priority for Hospitals

This MDBR service is a highly effective and easy to implement way to protect hospitals against ransomware and other cyber threats, and we encourage all hospitals in the U.S. to sign-up.Public U.S. Hospitals.

Public U.S. Hospitals

Public hospitals in the U.S. are also eligible for membership in the Multi-State Information Sharing and Analysis Center (MS-ISAC). Members can receive access to the MDBR service at no cost through the MS-ISAC through September 23, 2023. Learn more.

Private U.S. Hospitals

CIS offers private hospitals a cost-effective solution for highly-effective, easy-to-implement web security.  To learn more about our Malicious Domain Blocking and Reporting Plus (MDBR+) service or sign up, please reach out to [email protected]

MDBR is a no-cost service for hospitals in the U.S.

Public Hospitals Sign-up

Download the MDBR for Hospitals Handout