The Federal Bureau of Investigation has issued a Request for Quotes (RFQ) soliciting vendors to develop malware intelligence which would “provide actionable intelligence to the investigator in both criminal and intelligence matters.”
“The Federal Bureau of Investigation (FBI) has a requirement to provide technical analysis of digital methods, software and data, and provide technical support of field investigations and intelligence operations that involve computers, networks and malicious software,” the RFQ states.
“The FBI has a team of highly trained technical analysts, specialists and engineers providing on-scene technical support, employing innovative, custom developed analytical methods and tools to analyze collected data. Critical to the success of the FBI is the collection of malware from multiple industry, law enforcement and research sources.”
The agency is offering a one-year contract to service providers who can satisfy three functional requirements, including a searchable malware feed, a malicious URL report that links to drive-by downloads, and malware files that contain metadata such as SHA1 and MD5 signatures.
The feed required by the FBI should:
- Contain a rollup of sharable new malware (both unique and variants)
- Include a malicious URL report (Reference Section 2.3.2)
- Be organized by SHA1 signatures
- Be updated once every 24 hours
- Be a snapshot of the prior 24 hours
- Be, on average, 30GB – 40GB per day
- Be able to retrieve feed in an automated way through machine-to-machine communication
- Initiations of accessing feed shall be pulled by FBI not pushed to FBI
“While the above sets forth the minimum requirements for the technical response, the stated requirements are not intended to limit the offeror’s initiative and ingenuity. The technical response may be expanded to include issues considered by the offeror to be appropriate.”
The FBI issued a similar call for malware back in February of this year.
Read More Here…