When you say “computer security,” most people think viruses, worms, and other forms of malware. They also think that Mac users don’t really have to worry about it. And they’re correct. But that may be changing. Not only is the Mac becoming more popular, and therefore more worthy of criminal attention, there are many other ways Mac users can be targeted that are not platform dependent. It’s time to reassess the threats and decide whether Apple’s built-in security measures are sufficient to keep Mac users safe.
One of the commonly touted advantages of using a Mac is that it’s more secure and less prone to malware than a PC running Windows. It’s easy to see where this attitude comes from: the prevalence of viruses and network attacks against Windows machines is greater by several orders of magnitude. However, the lower rate of malware and attacks isn’t proof that the Mac is immune.
“With the Mac market share on the rise, we know that it will be become a more attractive platform for the bad guys to target. Our thinking is why wait until the proverbial poo hits the fan?” Carole Theriault, Sophos
Indeed, there has been an ongoing debate as to whether Mac users truly have more secure machines or simply enjoy ‘security through obscurity’, because they represent a modest fraction of computer users. Hackers go after the most widely used platform.
“Market share is an important factor in the emergence and development of malware for any platform, including the Mac. This is particularly true of a threat landscape that is dominated by cybercrime: cybercriminals don’t get a sufficiently large ‘bang for their buck’ if there are relatively few potential victims,” said Kaspersky security researcher David Emm.
Apple is gaining market share, however, so hackers may increasingly look to exploit the platform, particularly if it is perceived as an easy target with users ignorant of the threat (or unwilling to accept there may be one).
Attitudes and awareness
Sophos security consultant Carole Theriault said: “Many Mac home users are not very good at running security on their Macs. Today, threats that target Macs are much fewer in number when compared to Windows, but with the Mac market share on the rise, we know from experience that it will be become a more attractive platform for the bad guys to target. Our thinking is why wait until the proverbial poo hits the fan?”
A Sophos investigation into attitudes about Mac security revealed that 95 per cent expect Macs to be targeted by malware in the future.
There are Mac OS X threats, and more to come, claim to the experts
Kaspersky also predicts a growing threat to the Mac. “As the popularity of Macs continues to grow, so does the number of threats targeting the Mac OS,” said Kaspersky product manager Vartan Minasyan. “Our research suggests that many Mac users remain unaware of this, and do not have the right security in place to protect their computer.”
Of course, it’s in the interest of companies that make antivirus software for the Mac to promote the idea that Macs are threatened. Despite the suspected vulnerability, we have yet to see widespread malware for Macs: your risk of infection is essentially zero. Until those attacks appear, there’s little reason to invest in antivirus software, right?
Well, Sophos recently published details of the 20 most commonly detected malware by its Anti-Virus for Mac Home Edition. Many of the threats detected were Windows-specific, however, the list included some Mac OS X Trojans.
“Mac users can’t afford to keep their heads in the sand when it comes to protecting their machines,” said Sophos’s Graham Cluley. “As long as Mac users don’t properly defend themselves, they will increasingly be perceived as a soft target by cybercriminals and we will see the volume of Mac-specific malware rise.”
While it’s true that the number of Mac threats is tiny compared to the number of malicious programs written for Windows, this is no reason to become complacent. And in a mixed-platform environment Mac security becomes more important. Macs can’t be infected by a Windows virus, but they can pass one on to colleagues and customers. So while the risk to your Mac is currently small, one thing ensuring your machine is protected does is increase the protection of others.