Macs under attack?

It's arguable that the recent Flashback Trojan episode has been the tipping point when it comes to changing the face of the Mac security threatscape. But who is targeting OS X and iOS devices, how are they doing it and should the average business user be worried? Davey Winder investigates...

Orla Cox, senior security operations manager at Symantec Security Response, joins the chorus of disapproval when she told us that Symantec has seen a "slow but steady increase in attacks on OSX" going back to May 2011 with the "first crimeware kit for OSX, the Weyland-Yutani kit which allows would-be attackers to create their own bots for distribution, similar to the Zeus kit" right up to the Flashback Trojan for which it is "still seeing significant numbers of infections."

Cox warns that Mac users should certainly be cautious, particularly now that targeted attacks using malware written specifically for the Mac platform has been seen. "This type of attacker is persistent" Cox says "and will use whatever means necessary to gain a foothold in the organisation it has in its sights."

In Apple's defence though, some security experts such as Garry Sidaway, director of security strategy at Integralis, reminds us that, while Microsoft has traditionally taken the brunt of malware attacks "Apple has already implemented a lot of security features recommended by the industry, particularly in their latest release to try and address the common malcode exploits, buffer overflow, raised privileges [and so on]." However, Sidaway also thinks Apple would do well to learn the lessons that Microsoft has by working with information security analysts and strategic partners to reduce the risk surface to business (the Patch Tuesday exercise being a good example) if it wants to truly embrace the business world.

"At present, its cool and trendy image outweighs the security concerns for the individual" Sidaway told IT Pro adding: "but not for the businesses that are trying to manage BYOD".

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Most Popular

150,000 arrest records accidentally deleted from police database
data management

150,000 arrest records accidentally deleted from police database

15 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021