Over the past decade, Apple has avoided the types of security problems that have plagued the Windows-based platform. Part of this can be attributed to the fact that the Mac’s relatively low market share has kept the platform under the radar of malware writers, who have primarily focused on Windows PCs to launch more widespread attacks.
But as cyber crime evolves and targets change, Mac users who once operated with the mindset that attackers are only focused on Windows systems, need to think again.
While the Mac OS X is touted as a highly secure operating system, the growing market share of Mac products and applications–especially by high-value targets like executives and generals–has caught the attention of cyber criminals. This has created a major shift in the systems hackers are targeting today. As they move away from Windows PCs and target other operating systems and platforms, Mac users are now facing many of the same types of security challenges that Microsoft users face.
In my research, I continue to find more and more signs of how Macs aren’t as immune to malware attacks as one may think they are, including:
- If Macs were perfectly secure, Apple would not be constantly releasing security updates for Mac OS and its applications.
- Mac kernel-level rootkits have already been discussed in Phrack magazine.
- “The Mac Hacker’s Handbook” examines how Mac OS X can be attacked, and how to best handle security weaknesses.
- Traditional antivirus vendors are selling Mac security products utilizing traditional blacklisting technology.
As we head into the second decade of the 21st Century, it’s important to understand that Mac OS is not inherently more secure than Windows or any other OS, and that the days of Mac users operating under the radar from malware, viruses and other worms, are over.
The bottom line is Mac malware does exist. It would be naive to think that Macs are invulnerable to attacks, and even worse not to run third-party security solutions like so many Mac users continue to do. The real question is what solution to use? As Toney Jennings recently blogged about here on WhiteSpace, CoreTrace believes that deploying 25-year-old reactive technology that has been proven ineffective in the Windows world is not the answer. For Mac users, this is an opportunity to start fresh by implementing proactive protection based on application whitelisting. In doing so, IT teams and users receive three key benefits:
- Advanced threat prevention
- Configuration control
- Application intelligence