May 10, 2024 By Jonathan Reed 2 min read

One of the main goals of the Cybersecurity and Infrastructure Security Agency (CISA) is to promote security collaboration across the public and private sectors. CISA firmly believes that partnerships and effective coordination are essential to maintaining critical infrastructure security and cyber resilience.

In faithfulness to this mission, CISA is now offering the Malware Next-Generation Analysis program to businesses and other organizations. This service has been available to government and military workers since November 2023 but is now available to the private sector.

What is Malware Next-Gen Analysis?

Malware Next-Gen allows any organization to submit malware samples and other suspicious artifacts for analysis.

Knowing how a malware attack works is crucial for security teams to conduct potential cyber incident response and/or threat hunts. And CISA’s Malware Next-Gen provides advanced and reliable malware analysis on a scalable platform. The integrated system provides CISA analysts with multilevel containment capabilities for in-depth analysis of potentially malicious files or URLs.

“Effective and efficient malware analysis helps security professionals detect and prevent malicious software from enabling adversary access to persistence within an organization. Malware Next-Gen is a significant leap forward in CISA’s commitment to enhancing national cybersecurity,” said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.

The platform enables “analysts to better analyze, correlate, enrich data and share cyber threat insights with partners,” as per Goldstein.

How does Malware Next-Gen work?

Malware Next-Gen Analysis was previously only available for all U.S. federal, state, local, tribal and territorial government agencies. Now, it is available for the private sector.

Malware Next-Gen works like this:

  1. Registration: Users must create a login.gov account and complete a one-time registration to access the system.
  2. Submission: After registration, users can submit suspicious files and URLs for analysis.
  3. Analysis: CISA analysts employ a combination of static and dynamic analysis tools in a secure environment to examine the submitted artifacts.
  4. Results: Analysis results are provided in PDF and STIX 2.1 data formats, enabling users to understand the nature of the threats they face.

For users who wish to remain anonymous, there’s also an option to submit malware samples through a portal for unregistered users. However, anonymous users can’t access any analysis results.

Read the Threat Intelligence Index report

Advanced malware analysis available for all

CISA’s decision to make Malware Next-Gen publicly available is good news for small and medium-sized enterprises (SMEs) that may struggle to implement effective cybersecurity measures due to limited resources. With Next-Gen, anyone can access sophisticated analyses of malware content.

Furthermore, CISA recently updated its Malware Next-Gen platform to include enhanced capabilities for automated malware analysis, expanded support for multiple file types and updated tactics and techniques for analyzing malware.

How fast is CISA’s Malware Next-Gen?

While CISA does not provide a specific time frame, there are reports that the platform does not provide rapid results. If you need something faster, commercially available malware analysis is your best bet.

Betting on collaboration

As cyber threats continue to get more sophisticated, collaboration and information sharing become more crucial for an effective defense strategy. By opening Malware Next-Gen to the public, CISA remains true to its goal to foster a more collaborative environment. When threat intelligence is shared, it can be leveraged by organizations of all sizes to bolster overall cyber resilience.

With AI security threats and machine learning techniques, cyber groups will only create even more dangerous malware to bypass security systems in the future. This makes tools like Malware Next-Gen even more vital. Given the level of threats involved, a more inclusive and accessible cybersecurity ecosystem might be the only way to stay ahead of intruders.

More from News

Change Healthcare discloses $22M ransomware payment

3 min read - UnitedHealth Group CEO Andrew Witty found himself answering questions in front of Congress on May 1 regarding the Change Healthcare ransomware attack that occurred in February. During the hearing, he admitted that his organization paid the attacker's ransomware request. It has been reported that the hacker organization BlackCat, also known as ALPHV, received a payment of $22 million via Bitcoin.Even though they made the ransomware payment, Witty shared that Change Healthcare did not get its data back. This is a…

State Department releases International Cyberspace and Digital Policy Strategy

3 min read - U.S. Secretary of State Antony Blinken announced the new U.S. International Cyberspace and Digital Policy Strategy during the recent RSA Conference in San Francisco. The strategy emphasizes the role of technology in diplomacy and the urgent need to build international coalitions. “Security, stability, prosperity — they are no longer solely analog matters,” Blinken said at the conference. The new strategy focuses on “digital solidarity” not “digital sovereignty,” Blinken said, emphasizing the importance of collaboration with like-minded nations. Also mentioned was…

DHS establishes Artificial Intelligence Safety and Security Board

3 min read - As part of its commitment to addressing the rapid growth and adoption of AI technology across all industries and sectors, the Department of Homeland Security (DHS) announced the establishment of the Artificial Intelligence Safety and Security Board in late April. The Board’s first meeting is planned for early May when they will begin the task of focusing on how to develop and deploy AI technology within the United States’ critical infrastructure safely and securely. Based on the DHS Homeland Threat…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today