Macs under attack?
It's arguable that the recent Flashback Trojan episode has been the tipping point when it comes to changing the face of the Mac security threatscape. But who is targeting OS X and iOS devices, how are they doing it and should the average business user be worried? Davey Winder investigates...
Orla Cox, senior security operations manager at Symantec Security Response, joins the chorus of disapproval when she told us that Symantec has seen a "slow but steady increase in attacks on OSX" going back to May 2011 with the "first crimeware kit for OSX, the Weyland-Yutani kit which allows would-be attackers to create their own bots for distribution, similar to the Zeus kit" right up to the Flashback Trojan for which it is "still seeing significant numbers of infections."
Cox warns that Mac users should certainly be cautious, particularly now that targeted attacks using malware written specifically for the Mac platform has been seen. "This type of attacker is persistent" Cox says "and will use whatever means necessary to gain a foothold in the organisation it has in its sights."
In Apple's defence though, some security experts such as Garry Sidaway, director of security strategy at Integralis, reminds us that, while Microsoft has traditionally taken the brunt of malware attacks "Apple has already implemented a lot of security features recommended by the industry, particularly in their latest release to try and address the common malcode exploits, buffer overflow, raised privileges [and so on]." However, Sidaway also thinks Apple would do well to learn the lessons that Microsoft has by working with information security analysts and strategic partners to reduce the risk surface to business (the Patch Tuesday exercise being a good example) if it wants to truly embrace the business world.
"At present, its cool and trendy image outweighs the security concerns for the individual" Sidaway told IT Pro adding: "but not for the businesses that are trying to manage BYOD".
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
The endpoint as a key element of your security infrastructure
Threats to endpoints in a world of remote workingDownload now
2021 state of IT asset management report
The role of IT asset management for maximising technology investmentsDownload now