It’s not super-advanced security attacks that threaten organisations: Websense

It’s not super-advanced security attacks that threaten organisations: Websense

Highlights some of the key trends within the security space thanks to its annual threat report

Websense Labs research and development vice-president, Charles Renert

Websense Labs research and development vice-president, Charles Renert

According to security software company, Websense, existing malware attacks on organisations aren’t brand new threats. Instead, it’s the very small mutations of existing threats that easily get by most security models.

Websense Labs research and development vice-president, Charles Renert, said this was one of the key findings that emerged from the company’s most recent global threat report, which is an annual compilation of customer data and research.

Websense’s 2015 threat report indicated that the attack writing community are penetrating networks with dated measures that are still good enough to score the crown jewels of an organisation. They get away with malware by taking existing attacks and make small changes to them (that are just enough to be able to get past whatever code security is in place).

“Of the nearly four billion attacks that we stopped in 2014, a vast majority of them were not those super-advanced brand new attacks that you read about in the headlines. These were all very small mutations of existing threats that easily get by most security models,” Renert said.

Renert also mentioned that there’s a substantial shortage in security expertise that’s out there for the channel. He said that they should invest in a security team that can look across their entire organisation and assess risk.

“The best piece of advice is to make sure that these security practitioners have enough skill to make these assessments and deploy the relevant tools to safeguard their technologies. So there will be a large demand for companies that are able to provide security education, security analysis, and security as a service.”

As for 2015, he added that he expects the speed of propagation to continue regardless of the possibility of the total volume of threats decreasing.

Other key findings from the study include:

  • 99.3 per cent of malware uses a command and control infrastructure used by at least one other malware author
  • The total volume of threats has decreased by five per cent in 2014 from 2013
  • 30 per cent of end-users click through a malicious URL (in an email) even though they have been warned of the danger
  • Only three per cent of malware examined use a set of behaviour that is not common or seen by today’s sandboxes
  • The most common malware groups can be identified by using a combination of just six attributes

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwaresoftwarewebsensethreat reports



Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments