Are Apple Macs/MacBooks secure from Cyber Attacks? The Myths of Mac Security
You have a Mac, so you can’t get virus’ right? That would make for a short article, however, this has become a common misconception in the Cyber Security Industry, so much so, that at Doncaster Business Showcase 2024 we actually were asked the question that if they have a Mac, they are secure from threats. This misconception is deeply ingrained within the user community, partly this is due to historical incident rates of malware on macOS compared to Windows, it is true that many more viruses are made for Windows, and this is primarily due to the fact that Windows (as of February 2024) hold a 72.17% market share, compared to macOS’s 15.42% market share.
Because Windows is used by more people, across more industries, it is a far more appealing target to cyber criminals as the malware they create can be effectively used to infect more systems, but this misconception is also partly due to effective marketing from Apple and more frequent updates when vulnerabilities are discovered.
However, it is important that people understand that whilst macOS is more secure than Windows, the cyber security threat landscape is constantly changing and evolving, and no operating system, including macOS, is immune to cyber threats. This article not only delves into the vulnerabilities that Mac users face, but also the cross-platform threats that affect all computer users, and the universal cyber dangers in today's interconnected world.
Why is macOS more secure?
macOS is often considered more secure than Windows for several reasons.
- Its Unix-based foundation provides inherent security features, such as ‘sandboxing’, which isolates applications from each other and the wider system, reducing the risk of malware spreading.
- Apple's strict app vetting process for the App Store significantly minimises the chances of malicious apps being available to users.
- Apple employs Gatekeeper, which ensures that only trusted software runs on macOS by requiring apps to be digitally signed (or ‘notarised’) by a developer recognised by Apple.
- macOS also includes built-in encryption tools like FileVault, which secures data on the hard drive with powerful encryption.
- Regular security updates and patches are promptly released and automatically installed, addressing vulnerabilities swiftly.
These layers of security, combined with a less targeted user base compared to Windows, contribute to macOS's reputation for being more secure. However, it is important to note that no system is entirely immune to threats, and maintaining security best practices is essential for all users.
The Vulnerability of Macs
The narrative that Macs cannot be infected by viruses or hacked is a myth that needs dispelling. As Macs have become more popular (especially in the business space), doubling in market share over the past 10 years, they've attracted more attention from cyber criminals, leading to an increase in Mac-focused malware. A few notable examples of these include:
- ThiefQuest/EvilQuest: Discovered in 2020, ThiefQuest/EvilQuest not only encrypts users' files but also installs a keylogger and a reverse shell for comprehensive control over the infected system.
- Shlayer Trojan: First identified in 2018, Shlayer is a trojan that has been particularly active. It primarily distributes adware and PUPs, tricking users through fake Adobe Flash Player update prompts.
- XCSSET: Surfacing in 2020, XCSSET targets software developers by infecting local Xcode projects. It is capable of stealing credentials from various sources and exploiting vulnerabilities in Safari to hijack cookies and inject malicious JavaScript into websites.
These instances underscore the reality that Mac systems are indeed susceptible to malware and cyber attacks, challenging the notion of inherent security. It is worth noting that Apple acted quickly in each of these cases to release updates that patched the exploited vulnerabilities, however not before many users had already been attacked.
People are Still Vulnerable
It is important to understand that whilst the OS (Operating System) is more secure than it’s Microsoft counterpart, the people using it are still the most vulnerable point of entry into your business.
Phishing for Information
Leveraging social engineering, phishing attacks manipulate users into divulging sensitive information, stealing account credentials, or downloading malware. These attacks exploit human psychology rather than technological weaknesses, making them highly effective against users who are not educated in the common signs and businesses who do not have right solutions in place to protect themselves from advanced attacks.
Dangerous Rubber Ducky
A particularly innocuous threat that does not discriminate by operating system is the Rubber Ducky. Resembling a typical USB drive, it executes pre-configured payloads that mimic keyboard inputs at an astonishing speed. Whether it's to download malware, exfiltrate data, or compromise systems in other ways, the Rubber Ducky highlights the vulnerability of physical security and the importance of caution with unknown USB devices across all platforms, including macOS and Windows.
The Man-in-the-Middle Attacks
MitM attacks intercept and alter communications between two unsuspecting parties. Through insecure Wi-Fi networks or compromised websites, attackers can steal data or deliver malware, posing a risk to everyone online.
Strategies for Enhanced Security
To mitigate these threats, users must adopt a multi-layered approach to security:
- Comprehensive Security Software: Advanced Endpoint Security Solutions, such as Endpoint Detection & Response, and Ringfencing solutions can provide protection against even the most sophisticated threats, using AI and Machine Learning technologies to monitor for suspicious and malicious activity and threats, stopping them in their tracks.
- Regular Updates: Keep the operating system and all applications up to date. Security patches are frequently released to address vulnerabilities.
- Education: Education on the latest Cyber Security Threats is incredibly important for all users. By educating ourselves on these threats, it makes them easier to spot, ensuring that your users are your first line of defence against this cyber onslaught.
- Secure Networks: Whilst in a business environment 99% of people will be fine, the use of Man-in-the-Middle and Brute Force Attacks is growing with the ease and availability of tools such as the WiFi Pineapple. Using tools such as VPNs when on Public Wi-Fi ensure that traffic over these Wi-Fi networks stay encrypted and secure.
How can TwentyFour IT keep your business protected from Mac Threats?
The belief in Mac's immunity to cyber threats is a myth that significantly compromises user and business security. By understanding the realities of Mac-focused malware, cross-platform devices like the Rubber Ducky, and universal threats such as Phishing and MitM attacks, we can ensure that Businesses can take informed steps towards protecting themselves.
The Cyber Security threat landscape is continuously evolving, with more than 560,00 new cyber threats discovered daily and more than 2.39 million attacks on UK (United Kingdom) Businesses over the past 12 months. Staying informed about the latest threats and defensive measures is essential for businesses, regardless of the operating systems they use.
At TwentyFour IT Services, we work with businesses to ensure that they stay protected from these latest threats.
Take our FREE Cyber Security Health Check by completing the form below, and we will work with your business to see if you could be exposed to cyber threats.