Australia: Australian Cyber Security Centre released guidance on geo-blocking

On 19 May 2025, the Australian Cyber Security Centre (ACSC) released guidance on geographical-based Internet Protocol blocking (geo-blocking). The guidance aims to provide an overview of geo-blocking and emphasises its limitations, highlighting the importance of applying layered cybersecurity measures. It clarifies that Internet Protocol (IP) addresses are unreliable indicators of origin or identity due to techniques such as Virtual Private Networks (VPNs), cloud services, and compromised infrastructure used by malicious actors. While IP reputation services and geolocation tools can inform decisions, the ACSC advises against relying on them solely due to potential inaccuracies and unintended consequences such as blocking legitimate users. The guidance recommends implementing geo-blocking only as part of a broader defence-in-depth approach and outlines best practices, including evaluating user impacts, using additional monitoring tools, and maintaining system security.