Meanwhile, the Websense report said redirect chains, code recycling and many other techniques are allowing malware crooks to remain anonymous, making attribution difficult, time consuming and unreliable.
Widespread use of older standards in lieu of newer and more secure options continues to leave systems vulnerable and exposed. A brittle infrastructure allows threats to expand into the network framework itself, including the code base of Bash, OpenSSL, and SSLv3, Websense said.
In 2014, 81 percent of all email scanned by Websense was identified as malicious, an increase of 25 per cent on 2013. The company said it also detected 28 per cent of malicious email messages before an anti-virus signature became available. It identified more than 3 million macro-embedded email attachments in just the last 30 days of 2014.
The report also found that only three per cent of malware uses a set of behaviours that is not common or seen by today's sandboxes. The volume of malware threats also decreased by five per cent in calendar 2014 compared to 2013, and they are focused more on accuracy than volume.
Quiet, targeted attacks are proving to be far more effective for malware writers. These attacks are providing a greater yield than a wide scale attack which rings alarm bells for security teams to react.
"They [malware authors] are not playing the scattershot random game, they are getting in with a large body and are focusing in and targeting networks in a much more exclusive way," said Renert.
Sign up for CIO Asia eNewsletters.