May 10, 2024 By Jonathan Reed 2 min read

One of the main goals of the Cybersecurity and Infrastructure Security Agency (CISA) is to promote security collaboration across the public and private sectors. CISA firmly believes that partnerships and effective coordination are essential to maintaining critical infrastructure security and cyber resilience.

In faithfulness to this mission, CISA is now offering the Malware Next-Generation Analysis program to businesses and other organizations. This service has been available to government and military workers since November 2023 but is now available to the private sector.

What is Malware Next-Gen Analysis?

Malware Next-Gen allows any organization to submit malware samples and other suspicious artifacts for analysis.

Knowing how a malware attack works is crucial for security teams to conduct potential cyber incident response and/or threat hunts. And CISA’s Malware Next-Gen provides advanced and reliable malware analysis on a scalable platform. The integrated system provides CISA analysts with multilevel containment capabilities for in-depth analysis of potentially malicious files or URLs.

“Effective and efficient malware analysis helps security professionals detect and prevent malicious software from enabling adversary access to persistence within an organization. Malware Next-Gen is a significant leap forward in CISA’s commitment to enhancing national cybersecurity,” said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.

The platform enables “analysts to better analyze, correlate, enrich data and share cyber threat insights with partners,” as per Goldstein.

How does Malware Next-Gen work?

Malware Next-Gen Analysis was previously only available for all U.S. federal, state, local, tribal and territorial government agencies. Now, it is available for the private sector.

Malware Next-Gen works like this:

  1. Registration: Users must create a login.gov account and complete a one-time registration to access the system.
  2. Submission: After registration, users can submit suspicious files and URLs for analysis.
  3. Analysis: CISA analysts employ a combination of static and dynamic analysis tools in a secure environment to examine the submitted artifacts.
  4. Results: Analysis results are provided in PDF and STIX 2.1 data formats, enabling users to understand the nature of the threats they face.

For users who wish to remain anonymous, there’s also an option to submit malware samples through a portal for unregistered users. However, anonymous users can’t access any analysis results.

Read the Threat Intelligence Index report

Advanced malware analysis available for all

CISA’s decision to make Malware Next-Gen publicly available is good news for small and medium-sized enterprises (SMEs) that may struggle to implement effective cybersecurity measures due to limited resources. With Next-Gen, anyone can access sophisticated analyses of malware content.

Furthermore, CISA recently updated its Malware Next-Gen platform to include enhanced capabilities for automated malware analysis, expanded support for multiple file types and updated tactics and techniques for analyzing malware.

How fast is CISA’s Malware Next-Gen?

While CISA does not provide a specific time frame, there are reports that the platform does not provide rapid results. If you need something faster, commercially available malware analysis is your best bet.

Betting on collaboration

As cyber threats continue to get more sophisticated, collaboration and information sharing become more crucial for an effective defense strategy. By opening Malware Next-Gen to the public, CISA remains true to its goal to foster a more collaborative environment. When threat intelligence is shared, it can be leveraged by organizations of all sizes to bolster overall cyber resilience.

With AI security threats and machine learning techniques, cyber groups will only create even more dangerous malware to bypass security systems in the future. This makes tools like Malware Next-Gen even more vital. Given the level of threats involved, a more inclusive and accessible cybersecurity ecosystem might be the only way to stay ahead of intruders.

More from News

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today