Recycled malware still plagues enterprise

A threat report released this week by Websense Security Labs, reveals that organisations' “crown jewels” are still as susceptible to malware, even with “simple, dated attack” techniques. A lack of adequate security defences and pervasive end user ignorance remain the top reasons that breach incidents continue to increase despite the decline in volume of actual malware threats.

According to the report, malware authors continue to recycle delivery techniques and infrastructure, with nearly all malware utilising command and control infrastructure used by at least one other malware author. To help them along, one third of end users continue to click away at malicious email links, demonstrating that they are increasingly “desensitised” from warnings, lack a feeling of responsibility, and lack enterprise-driven education.

"Cyber-threats in 2014 combined new techniques with the old, resulting in highly evasive attacks that posed a significant risk for data theft," Charles Renert, vice president of security research for Websense, commented in an email to SCMagazineUK.com. "In a time when malware-as-a-service means more threat actors than ever have the tools and techniques at hand to breach a company's defences, real-time detection across the Kill Chain is a necessity.”