It’s been reported that The Cyber National Mission Force in the US is now uploading malware samples it finds to VirusTotal. Commenting on this very positive news for the industry is Chris Doman, threat engineer at AlienVault, an AT&T company:
“The US Cyber Command has uploaded two malware samples relating to APT28, the Russian group behind the US election hacking. So far, the quantity has been small, but the quality is high.
“Hopefully, these additions from the US Cyber Command will be another useful source of malware which will help the industry to defend against it. However, downloading files requires paid access to VirusTotal Enterprise, so this should be useful for security vendors, but most “hobby” malware analysts won’t have access to the files.
“You can view the files at https://www.virustotal.com/en/user/CYBERCOM_Malware_Alert/”
Chris’s colleague, Javvad Malik, security advocate, added: “This is a fantastic new initiative by CNMF. The more threat data the security industry can share amongst itself, the better it can make its defences. By sharing threat data and samples, security teams can proactively look out for emerging threats and even zero days, giving the attackers smaller windows of opportunity to conduct successful attacks. It can also be used for threat hunting and to seek out any malware that may have already infiltrated an enterprise.
“We hope to see more governments and companies share data openly to further the security community’s efforts.”