Is it really time to run AV on your Mac?

700,000 victims, but just one drive-by download.

No matter which way you slice the numbers, the sheer volume and variety of Windows malware makes running XP, Vista or 7 without antivirus far more risky than running any version of Mac OS X without antivirus.

If you want to pay an annual license subscription to Symantec ($60), McAfee ($70-$90), F-Secure ($50), Kaspersky ($60) or BitDefender (AU$57 for three users), you can.

Assuming the average life span of a Mac or PC is three years, that’s around $180 for software you might not want (because of cost and processing power) but may need.

The question, following the “outbreak” that supposedly busted the myth that Apple malware does not exist, is whether antivirus for Mac OSX is actually needed?

Mac users should not assume they are entirely risk free, as shown by targeted attacks against unique social groups. But does the single mass, automated malware threat called Flashback or Fakeflash really justify the case for Mac users to install antivirus?

Highly-regarded security researchers claim the emergence of that single “drive-by download”, which Windows users have faced by the hundreds if not thousands for many years new, does justify installing antivirus on Macs.

“I think the time is changing right now when it is something you have to do on a Mac,” F-Secure’s chief security researcher Mikko Hypponen told CSO Australia.

But the argument that it’s necessary for Mac users to run antivirus rests on an over-simplified debate: whether malware exists (or not) for Macs.

Forget Apple’s marketing, which implies that Macs are “virus free” because they are not Windows machines, the AV industry would like consumers to believe that the mere existence of Mac malware of the Flashback type makes running antivirus worthwhile.

In the end, users will decide whether it's worth the price based, and they currently have a range of free or ‘freemium’ products to choose from, including Avast!, ClamAVm and Sophos – although I suspect Sophos intends to monetise its freemium product in the near future.

[Update: Sophos has confirmed it has no plans to monetise its free AV for home Mac users product, and Sophos will continue to provide this tool to users for free on an ongoing basis.]

But what ever happened to the question of calculated risk? For example, the risk of death if you choose to jay-walk when it is clear there is no oncoming traffic?

Russian antivirus firm, Kaspersky, last week outlined that there are currently just 300 ‘malware’ threats (adware, spyware, virus, trojans, included) for Macs. As stated above, it’s still quite minuscule compared with Windows systems.

Join the CSO newsletter!

Error: Please check your email address.

More about AppleAvastBitDefenderF-SecureKasperskyKasperskyMacsMcAfee AustraliaSophosSymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place