May 10, 2024 By Jonathan Reed 2 min read

One of the main goals of the Cybersecurity and Infrastructure Security Agency (CISA) is to promote security collaboration across the public and private sectors. CISA firmly believes that partnerships and effective coordination are essential to maintaining critical infrastructure security and cyber resilience.

In faithfulness to this mission, CISA is now offering the Malware Next-Generation Analysis program to businesses and other organizations. This service has been available to government and military workers since November 2023 but is now available to the private sector.

What is Malware Next-Gen Analysis?

Malware Next-Gen allows any organization to submit malware samples and other suspicious artifacts for analysis.

Knowing how a malware attack works is crucial for security teams to conduct potential cyber incident response and/or threat hunts. And CISA’s Malware Next-Gen provides advanced and reliable malware analysis on a scalable platform. The integrated system provides CISA analysts with multilevel containment capabilities for in-depth analysis of potentially malicious files or URLs.

“Effective and efficient malware analysis helps security professionals detect and prevent malicious software from enabling adversary access to persistence within an organization. Malware Next-Gen is a significant leap forward in CISA’s commitment to enhancing national cybersecurity,” said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.

The platform enables “analysts to better analyze, correlate, enrich data and share cyber threat insights with partners,” as per Goldstein.

How does Malware Next-Gen work?

Malware Next-Gen Analysis was previously only available for all U.S. federal, state, local, tribal and territorial government agencies. Now, it is available for the private sector.

Malware Next-Gen works like this:

  1. Registration: Users must create a login.gov account and complete a one-time registration to access the system.
  2. Submission: After registration, users can submit suspicious files and URLs for analysis.
  3. Analysis: CISA analysts employ a combination of static and dynamic analysis tools in a secure environment to examine the submitted artifacts.
  4. Results: Analysis results are provided in PDF and STIX 2.1 data formats, enabling users to understand the nature of the threats they face.

For users who wish to remain anonymous, there’s also an option to submit malware samples through a portal for unregistered users. However, anonymous users can’t access any analysis results.

Read the Threat Intelligence Index report

Advanced malware analysis available for all

CISA’s decision to make Malware Next-Gen publicly available is good news for small and medium-sized enterprises (SMEs) that may struggle to implement effective cybersecurity measures due to limited resources. With Next-Gen, anyone can access sophisticated analyses of malware content.

Furthermore, CISA recently updated its Malware Next-Gen platform to include enhanced capabilities for automated malware analysis, expanded support for multiple file types and updated tactics and techniques for analyzing malware.

How fast is CISA’s Malware Next-Gen?

While CISA does not provide a specific time frame, there are reports that the platform does not provide rapid results. If you need something faster, commercially available malware analysis is your best bet.

Betting on collaboration

As cyber threats continue to get more sophisticated, collaboration and information sharing become more crucial for an effective defense strategy. By opening Malware Next-Gen to the public, CISA remains true to its goal to foster a more collaborative environment. When threat intelligence is shared, it can be leveraged by organizations of all sizes to bolster overall cyber resilience.

With AI security threats and machine learning techniques, cyber groups will only create even more dangerous malware to bypass security systems in the future. This makes tools like Malware Next-Gen even more vital. Given the level of threats involved, a more inclusive and accessible cybersecurity ecosystem might be the only way to stay ahead of intruders.

More from News

CISA launches portal to simplify cyber incident reporting

2 min read - Information sharing just got more efficient. In August, the Cybersecurity and Infrastructure Security Agency (CISA) launched the CISA Services Portal. “The new CISA Services Portal improves the reporting process and offers more features for our voluntary reporters. We ask organizations reporting an incident to provide information on the impacted entity, contact information, description of the incident, technical indications and steps taken,” a CISA spokesperson said in an email statement. “Reported incidents enable CISA and our partners to help victims mitigate…

FYSA – Critical RCE Flaw in GNU-Linux Systems

2 min read - Summary The first of a series of blog posts has been published detailing a vulnerability in the Common Unix Printing System (CUPS), which purportedly allows attackers to gain remote access to UNIX-based systems. The vulnerability, which affects various UNIX-based operating systems, can be exploited by sending a specially crafted HTTP request to the CUPS service. Threat Topography Threat Type: Remote code execution vulnerability in CUPS service Industries Impacted: UNIX-based systems across various industries, including but not limited to, finance, healthcare,…

Are new gen AI tools putting your business at additional risk?

3 min read - If you're wondering whether new generative artificial intelligence (gen AI) tools are putting your business at risk, the answer is: Probably. Even more so with the increased use of AI tools in the workplace. A recent Deloitte study found more than 60% of knowledge workers use AI tools at work. While the tools bring many benefits, especially improved productivity, experts agree they add more risk. According to the NSA Cybersecurity Director Dave Luber, AI brings unprecedented opportunities while also presenting…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today