
This seems like woefully naive virtue-signaling to me. I geo-block all traffic from Iran, N Korea, China and Russia specifically at my clients' firewalls because I have watched the logs and could clearly see IPs from each of these countries attempt connections to American businesses every minute of every day. Try to single out the offending IP and tomorrow it moves to another; you will spend the rest of your days adding to that block list. It is perfectly sensible to block the country entirely; and better yet - as I've made a standard for my clients - block the entire world, and only allow specific countries to talk to your firewall. Then you can add more granular blocks on top of this. If something gets blocked that shouldn't, that's not painful to adjust. I have no doubt there are many fine people in Russia, but that doesn't mean there's a single computer in Russia that has any business talking to mine.


The question is why those specific countries? Do you just assume that all connections made from, say, the Netherlands, are safe by default?


Basic statistics. The chance of someone from the Netherlands being a state-level hacker is a lot smaller than someone from a Russian IP.


Logically, if Russians would want to infiltrate your organization, they won't do it from Russian IPs directly, but instead do it from cheap proxies, and those proxies are abundant in the Netherlands or Germany.


And yet experience shows that GP is correct. The vast majority of malicious traffic originates from those countries IME.


Only stuff like scanners and other basic stuff (that comes from devices that have been left unattended and without updates). But the actual malicious traffic is not that easy to spot, as it won't be routed directly.


I used to do similar on gaming clans' forums; for local rationalized fps we didn't want folks with 300+ ping and country blocking was pretty easy (and folks on the forums were either spamming us with porn or trying to become a member). Though since it was forums based I did allow GETs but restricted POSTs etc. vs straight up 0 access.
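The two policies described in this thread (default-deny with a country allowlist plus granular blocks on top, and the forum variant that allows GETs but restricts POSTs), as an added example that is not from any commenter. The GeoIP table, address ranges, country choices and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation ranges stand in for a
# real GeoIP database; the country assignments are made up.
GEO_TABLE = {
    "192.0.2.0/24": "US",
    "198.51.100.0/24": "NL",
    "203.0.113.0/24": "RU",
}
ALLOWED_COUNTRIES = {"US", "NL"}         # everything else is denied by default
GRANULAR_BLOCKS = ["198.51.100.128/25"]  # finer block inside an allowed country


def country_of(ip):
    """Return the country code for an address, or None if the origin is unknown."""
    for cidr, cc in GEO_TABLE.items():
        if ip in ipaddress.ip_network(cidr):
            return cc
    return None


def firewall_decision(src):
    """Default-deny: granular blocks are checked first, then the country allowlist."""
    ip = ipaddress.ip_address(src)
    if any(ip in ipaddress.ip_network(c) for c in GRANULAR_BLOCKS):
        return "deny"
    # Unknown origin (None) is not in the allowlist, so it falls through to deny.
    return "allow" if country_of(ip) in ALLOWED_COUNTRIES else "deny"


def forum_decision(src, method):
    """Softer variant: reads from anywhere, writes only from allowed countries."""
    if method.upper() in ("GET", "HEAD"):
        return "allow"
    return firewall_decision(src)


if __name__ == "__main__":
    for src in ("192.0.2.10", "198.51.100.200", "203.0.113.5", "10.1.2.3"):
        print(src, firewall_decision(src), forum_decision(src, "GET"),
              forum_decision(src, "POST"))
```

As the replies above point out, this only filters on the apparent source address; traffic relayed through a host in an allowed country passes the country check.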



