May 10, 2024 By Jonathan Reed 2 min read

One of the main goals of the Cybersecurity and Infrastructure Security Agency (CISA) is to promote security collaboration across the public and private sectors. CISA firmly believes that partnerships and effective coordination are essential to maintaining critical infrastructure security and cyber resilience.

In faithfulness to this mission, CISA is now offering the Malware Next-Generation Analysis program to businesses and other organizations. This service has been available to government and military workers since November 2023 but is now available to the private sector.

What is Malware Next-Gen Analysis?

Malware Next-Gen allows any organization to submit malware samples and other suspicious artifacts for analysis.

Knowing how a malware attack works is crucial for security teams to conduct potential cyber incident response and/or threat hunts. And CISA’s Malware Next-Gen provides advanced and reliable malware analysis on a scalable platform. The integrated system provides CISA analysts with multilevel containment capabilities for in-depth analysis of potentially malicious files or URLs.

“Effective and efficient malware analysis helps security professionals detect and prevent malicious software from enabling adversary access to persistence within an organization. Malware Next-Gen is a significant leap forward in CISA’s commitment to enhancing national cybersecurity,” said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.

The platform enables “analysts to better analyze, correlate, enrich data and share cyber threat insights with partners,” as per Goldstein.

How does Malware Next-Gen work?

Malware Next-Gen Analysis was previously only available for all U.S. federal, state, local, tribal and territorial government agencies. Now, it is available for the private sector.

Malware Next-Gen works like this:

  1. Registration: Users must create a login.gov account and complete a one-time registration to access the system.
  2. Submission: After registration, users can submit suspicious files and URLs for analysis.
  3. Analysis: CISA analysts employ a combination of static and dynamic analysis tools in a secure environment to examine the submitted artifacts.
  4. Results: Analysis results are provided in PDF and STIX 2.1 data formats, enabling users to understand the nature of the threats they face.

For users who wish to remain anonymous, there’s also an option to submit malware samples through a portal for unregistered users. However, anonymous users can’t access any analysis results.

Read the Threat Intelligence Index report

Advanced malware analysis available for all

CISA’s decision to make Malware Next-Gen publicly available is good news for small and medium-sized enterprises (SMEs) that may struggle to implement effective cybersecurity measures due to limited resources. With Next-Gen, anyone can access sophisticated analyses of malware content.

Furthermore, CISA recently updated its Malware Next-Gen platform to include enhanced capabilities for automated malware analysis, expanded support for multiple file types and updated tactics and techniques for analyzing malware.

How fast is CISA’s Malware Next-Gen?

While CISA does not provide a specific time frame, there are reports that the platform does not provide rapid results. If you need something faster, commercially available malware analysis is your best bet.

Betting on collaboration

As cyber threats continue to get more sophisticated, collaboration and information sharing become more crucial for an effective defense strategy. By opening Malware Next-Gen to the public, CISA remains true to its goal to foster a more collaborative environment. When threat intelligence is shared, it can be leveraged by organizations of all sizes to bolster overall cyber resilience.

With AI security threats and machine learning techniques, cyber groups will only create even more dangerous malware to bypass security systems in the future. This makes tools like Malware Next-Gen even more vital. Given the level of threats involved, a more inclusive and accessible cybersecurity ecosystem might be the only way to stay ahead of intruders.

More from News

Exploring the 2024 Worldwide Managed Detection and Response Vendor Assessment

3 min read - Research firm IDC recently released its 2024 Worldwide Managed Detection and Response Vendor Assessment, which both highlights leaders in the market and examines the evolution of MDR as a critical component of IT security infrastructure. Here are the key takeaways. The current state of MDR According to the assessment, “the MDR market has evolved extensively over the past couple of years. This should be seen as a positive movement as MDR providers have had to evolve to meet the growing…

Regulatory harmonization in OT-critical infrastructure faces hurdles

3 min read - In an effort to enhance cyber resilience across critical infrastructure, the Office of the National Cyber Director (ONCD) has recently released a summary of feedback from its 2023 Cybersecurity Regulatory Harmonization Request for Information (RFI). The responses reveal major concerns from critical infrastructure industries related to operational technology (OT), such as energy, transport and manufacturing. Their worries include the current fragmented regulatory landscape and difficulty adapting to new cyber regulations. The frustration appears to be unanimous. Meanwhile, the magnitude of…

Why the Christie’s auction house hack is different

3 min read - Christie's, one of the world's leading auction houses, was hacked in May, and the cyber group RansomHub has claimed responsibility. On May 12, Christie’s CEO Guillaume Cerutti announced on LinkedIn that the company had “experienced a technology security incident.” RansomHub threatened to leak “sensitive personal information” from exfiltrated ID document data, including names, dates of birth and nationalities. On the group’s dark website, RansomHub claims to possess 2GB of data on “at least 500,000” Christie’s clients from around the world.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today