Macs under attack?
It's arguable that the recent Flashback Trojan episode has been the tipping point when it comes to changing the face of the Mac security threatscape. But who is targeting OS X and iOS devices, how are they doing it and should the average business user be worried? Davey Winder investigates...
Orla Cox, senior security operations manager at Symantec Security Response, joins the chorus of disapproval when she told us that Symantec has seen a "slow but steady increase in attacks on OSX" going back to May 2011 with the "first crimeware kit for OSX, the Weyland-Yutani kit which allows would-be attackers to create their own bots for distribution, similar to the Zeus kit" right up to the Flashback Trojan for which it is "still seeing significant numbers of infections."
Cox warns that Mac users should certainly be cautious, particularly now that targeted attacks using malware written specifically for the Mac platform has been seen. "This type of attacker is persistent" Cox says "and will use whatever means necessary to gain a foothold in the organisation it has in its sights."
In Apple's defence though, some security experts such as Garry Sidaway, director of security strategy at Integralis, reminds us that, while Microsoft has traditionally taken the brunt of malware attacks "Apple has already implemented a lot of security features recommended by the industry, particularly in their latest release to try and address the common malcode exploits, buffer overflow, raised privileges [and so on]." However, Sidaway also thinks Apple would do well to learn the lessons that Microsoft has by working with information security analysts and strategic partners to reduce the risk surface to business (the Patch Tuesday exercise being a good example) if it wants to truly embrace the business world.
"At present, its cool and trendy image outweighs the security concerns for the individual" Sidaway told IT Pro adding: "but not for the businesses that are trying to manage BYOD".
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Security best practices for PostgreSQL
Securing data with PostgreSQLDownload now
Transform your MSP business into a money-making machine
Benefits and challenges of a recurring revenue modelDownload now
The care and feeding of cloud
How to support cloud infrastructure post-migrationWatch now