What You Can Do To Protect Yourself From Big Mac Attacks

Mac and Windows PC users will each claim they have the superior operating system (OS), but when it comes to security there aren’t as many differences as you would think.

Many Mac users are under the illusion that they are immune to the malware, trojans, and viruses that Windows users are susceptible to.

The advertising for Mac gives the wrong impression

Ads like these have created a misconception that Mac users don’t need to worry about security, but as Lysa Myers, the senior Security Analyst for the Mac security software company, Intego, says, “As far as attackers are concerned, Macs and PCs are the same: it’s a computer.” And there is no such thing as a totally safe computer; as long as a hacker can find your computer, they can hack into it.

So why does it seem like there are never any stories about Macs getting hacked? Why do PCs always seem to be the target of any large scale cyber-attacks?

In the past, hackers have not really bothered with Mac computers simply because there weren't enough of them around. Even the latest numbers from NetMarketShare show that Macs still don’t even represent ten percent of global market share for desktop computers. With so few Macs out there, it’s just not economical for hackers to target them.

Windows PCs control the desktop computer market

And since Windows has dominated the market share for so long, there is a greater infrastructure built around hacking PCs. As Stefan Savage, a professor of computer science and engineering at the University of California, San Diego, says, "there is an established ecosystem around Windows that really helps reinforce that platform's dominance [as a target], including malware-writing tools, markets to buy and sell malware, infrastructure to deploy malware and lots of open-source information on new exploitation techniques. It takes time to build that kind of community."

However, as Apple’s market share continues to grow, and Macs are used by bigger institutions, they will become more lucrative for hackers.

Recently, Mac users got a glimpse into the vulnerabilities of their OS when Palo Alto detected that the BitTorrent client, ‘Transmission,’ was infected with ransomware targeting Mac users. Any Mac users who downloaded the app also got the malicious software (or malware), named ‘KeRanger,’ which seems to be the first successful ransomware attack on Mac OS.

Ransomware is a type of malware that encrypts files on a computer and locks them from being opened or accessed until a certain amount of money is paid to the hackers. In this case, the hackers demanded the victims pay one bitcoin (around $400) in order to get the encryption key, which would unlock their files.

The ransomware note has step-by-step instructions on how to release the victim’s data

All Macs have a built-in security measure called Gatekeeper, which blocks applications containing malicious software from being installed. Unlike Windows, Apple approves every application that is featured on the App Store, while applications from other vendors are inspected for malware before they can be opened. If the application is deemed harmful, Mac users will get a notification warning them about the application.

KeRanger was able to bypass Gatekeeper by using a valid Apple development certificate, making it appear as if the application was already approved by Apple. When they learned about the problem, Apple took down the certification ID, and anyone who downloaded the Transmission app got this notification:

The warning users got after Apple changed the certificate for Transmission

The response from Apple was fast, but the ransomware is still being refined. Now, the hackers are attempting to encrypt the user's backup files on Time Machine too, which Mac users have used as a fail-safe to back up their files.

A few years before that, in 2013, Apple itself was attacked by a trojan called Pint-sized, which infected the computers of some Apple engineers. Security firm F-Secure claimed that hackers were trying to access codes to infect millions of smartphones.

And a few years before that, in 2011, more than 600,000 Macs were infected by a trojan called Flashback, which could look through the user's data for information to steal, including credit card numbers, passwords, and other valuable information.

There are many more instances of Macs being infected by malicious software throughout their history. If you want to see a longer list of malware attacks on Macs, you can find one here.

Even with all these attacks, none of them have been big enough to convince Mac users that they need to take any preventative actions against them. If you happen to be one of the few Mac users who is worried about security, here are a few ways that you can protect yourself from being a victim of malware:

Turn On Automatic Updates

According to GoSquared, only half of Mac users have upgraded to the current OS (El Capitan), which leaves them more susceptible to attacks. It is essential for Mac users to update their OS and software because each update includes patches that help protect against the malware attacks that Apple knows about. In fact, almost all of the malware examples listed above could have been prevented (or at least minimized) by turning on automatic updates.

The instructions on how to turn on automatic updates can be found here.

Run antivirus software on your Macs

As detailed above, Mac users should install antivirus software on their computer just like Windows users. In fact, antivirus alone would have prevented most Mac infections listed above.

There are many options to choose from here.

Remove Java

Java is a cross-platform environment for running applications or “applets”. If you don’t know what Java is, you don't need it on your computer. Most websites don't even use Java applets anymore, so you won't miss it. Plus, according to the security company, Kaspersky, Java has been the cause of half of all attacks affecting computers. The problem lies in the fact that Java doesn’t check if the content it is playing is secure, so it creates a perfect place for hackers to code in malware.

The instructions on how to remove Java can be found here.

Do not disable Gatekeeper

Even though malware can sneak past Gatekeeper with a phony Developer ID, enabling it will not hurt. It would also be best to limit downloading applications from third parties altogether. If you can find what you need on the official App Store, it would be safer to get it from there.

Back up all your data to an external hard drive

Time Machine is great, but to ensure that data is really secure from hackers, you can disconnect it from the network entirely. Using external hard drives is the only sure way to keep your data out of the hands of hackers, unless they are able to steal the external device itself.

Browser Security

It goes without saying that users also have to take some responsibility for their own security. This means being careful about the websites you visit, the links you click on, and what you download. Also, watch out for suspicious-looking emails and attachments. It seems obvious, but even Mattel recently fell for a $3 million phishing scam, so it can happen to anyone.

If you are at all suspicious of a website, do not chance it. The easiest way to get infected with malware is to indiscriminately click on any link and open any email, regardless of how questionable they seem.
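Three of the settings above (Gatekeeper, automatic update checks, and the Java browser plug-in) can be checked from Terminal. The script below is an added example, not part of the original article; its function names are illustrative, and it assumes the standard `spctl --status` output, the `AutomaticCheckEnabled` key in `/Library/Preferences/com.apple.SoftwareUpdate`, and Oracle's default plug-in path.

```sh
#!/bin/sh
# Added example: audits three settings discussed in the article.
# The parsers take raw command output so they can be exercised off a Mac.

JAVA_PLUGIN="/Library/Internet Plug-Ins/JavaAppletPlugin.plugin"

# `spctl --status` prints "assessments enabled" or "assessments disabled".
gatekeeper_state() {
    case "$1" in
        *"assessments enabled"*)  echo enabled ;;
        *"assessments disabled"*) echo disabled ;;
        *)                        echo unknown ;;
    esac
}

# AutomaticCheckEnabled reads back as 1 (on) or 0 (off); anything else
# (including an unset key) is reported as unknown.
auto_update_state() {
    case "$1" in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

# Prints one line per finding, then a final "findings=N" summary line.
# Args: spctl output, AutomaticCheckEnabled value, path to the Java plug-in.
audit_report() {
    findings=0
    if [ "$(gatekeeper_state "$1")" != enabled ]; then
        echo "FINDING: Gatekeeper is $(gatekeeper_state "$1")"
        findings=$((findings + 1))
    fi
    if [ "$(auto_update_state "$2")" != on ]; then
        echo "FINDING: automatic update checks are $(auto_update_state "$2")"
        findings=$((findings + 1))
    fi
    if [ -e "$3" ]; then
        echo "FINDING: Java browser plug-in present at $3"
        findings=$((findings + 1))
    fi
    echo "findings=$findings"
}

# Collect live values; only meaningful on macOS.
if [ "$(uname -s)" = "Darwin" ]; then
    gk=$(spctl --status 2>&1) || true
    au=$(defaults read /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled 2>/dev/null) || true
    audit_report "$gk" "$au" "$JAVA_PLUGIN"
fi
```

A result of `findings=0` covers only these three settings; antivirus, backups and browsing habits still need to be checked by hand.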

As Macs become more popular, users have to learn to protect themselves the same way Windows PC users do.

It’s only a matter of time before Mac users have to deal with being attacked, and they are not going to have the tools in place to deal with hackers. Since Apple has not invested the time, energy, or intellect that Windows has with malware prevention and security, it actually leaves Macs more vulnerable to attacks.

Pedro Bustamante, Vice President Products & New Technologies at Malwarebytes, says, "Cybercriminals are on the lookout for easy targets, and nothing could be easier than capitalizing on under- or unprotected Mac systems shrouded under a false sense of invincibility."

So, it might be a good idea to take measures yourself before the malware hits the fan.
