Seemingly out of exhaustion, the United States’ Cybersecurity & Infrastructure Security Agency (CISA) has taken a sizeable step in a fresh direction. The cybersecurity community long ago identified that the only way to effectively combat nation-state cybercrime against the US and its companies is by equipping the end user. For years this meant implementing Security Awareness Training, phishing simulations, and general caution when using technology. With this new announcement, we’re witnessing an elevation of the responsibility placed on non-technical folks who enjoy and leverage technology every day.
What gives? Why now?
By enabling the public to report malware from the wild directly to CISA, and by automating the analysis of each submission, the US looks to be taking the pervasive existential threat that is cyber espionage by nation-state actors more seriously. The government is saying “Look, we can’t see everything, so we need your help. The architecture of the existing threat detection fabric isn’t conducive to rapidly identifying and suppressing new threats.”
This is sure to catalyze the already increasing effectiveness of Endpoint Detection and Response (EDR) “blankets” which more and more organizations are adopting to combat ransomware and other cyberattacks.
Built Different
The submission of threat data directly to CISA facilitates a more rapid response with wider-ranging containment capabilities. The official CISA post on the topic states the following:
“Timely, actionable intelligence on malware, such as how it works and what it is designed to do, is crucial to network defenders conducting potential cyber incident response and/or threat hunts. Malware Next-Gen provides advanced and reliable malware analysis on a scalable platform, capable of meeting the increasing demands of future workloads.”
Traditionally, these databases have been created and maintained by cybersecurity firms. This restructuring on the government’s part to replicate this effective strategy bodes well for all US citizens’ future safety online.
Try it out!
Anyone can use this system to report malware, and you can even submit anonymously if you prefer. The more data CISA analyzes, the safer the internet is for everyone. If you or someone you know believes they’ve discovered malware in the wild, do us all a favor and tattle!