|
|
|
|
|
Time for Mac Users to Get Serious About Security
Published Jun 3, 2012
|
Mac users have for many years laboured under the misapprehension that their machines are inherently more secure than PCs. For a long time, while Microsoft-powered PCs enjoyed stellar success, there was no real way to dispute this theory as time and again Windows was attacked by cyber criminals. However, things are changing in the information security landscape and a new piece of malware called Flashback has highlighted exactly why Mac users need to be more vigilant than ever before.
The Flashback malware family was first seen in September last year. It has been designed to carry out a range of tasks for the attacker, such as recruiting the machine into a botnet or stealing log-in details or sensitive data. The most recent attack began in March and compromised over 650,000 Macs mainly in the UK, US and Canada.
One of the main reasons why the Trojan was so successful is that it’s able to install itself on unprotected Macs without user interaction. The attackers infected several web sites to launch so-called drive-by-attacks which only require the user to visit that site in order to become compromised.
“Apple machines are very popular and increasingly finding its way into the corporate environment, which is especially true for us here in the region. Apple users are under the false pretence that their machines are safe from cyber attack – vulnerabilities are out there and the possibility that it will infect your Mac is very high,” commented Nick Black, Senior Technical Manager - Trend Micro
Now, Macs are no stranger to malware – we saw the Mac Defender fake AV outbreak last year and more recently the Gh0stRat advanced persistent threat (APT) attacks on pro-Tibetan organisations were uncovered. But Flashback has shown that criminals have now calculated that it’s worth their while economically to target Mac users. To put it simply, Apple is becoming a victim of its own success.
Why should I care?
1) Flashback is just the tip of the iceberg. Security experts have been warning about this for a long time, but attacks against Macs have only just begun.
2) Apple’s built-in security for Mac OS X is not good enough and won’t protect users against the full range of threats in the wild.
3) If you don’t have up-to-date security software on board, even visiting an infected web site could be enough to compromise your Mac and risk exposing your sensitive data to a cyber criminal.
4) Apple has been very slow to roll out patches in the past and took around six weeks longer than Microsoft, Adobe and Oracle to fix the Flashback flaw. This makes having good Mac security protection even more important.
How to stay secure?
When Apple does release a patch for a security issue it’s imperative to install it as soon as possible, to keep the machine fully up-to-date. More importantly though, invest in third-party software to enhance the limited built-in protection offered by Apple. Look for solutions which use cloud-based threat detection systems designed to dynamically protect against malware and malicious links, and stop zero day threats with reputation and behaviour-based technology.
Flashback wasn’t particularly ground-breaking or revolutionary but it was very successful because too many users weren’t prepared. A few simple steps should be enough to keep your Mac secure and your data safe from prying eyes.
Posted by
VMD - [Virtual Marketing Department]
|
|
|
