For a long time, one of the most common reasons for buying an Apple computer over a Windows-based one was that the former was less susceptible to viruses and other malware. However, the perceived invulnerability of Macs to all manner of computer nasties may not have any grounding in reality – or at least, not anymore.
Earlier this month, a new tech support scam found its way onto iMacs and MacBooks, and froze the user’s system by repeatedly opening iTunes. The installed malware then triggered a pop-up telling the user that their device had been compromised and their data and pictures would be stolen unless they called a fake Apple support number.
Similarly, in 2012, 600,000 Macs were infected with a Trojan called Flashback, which exploited a hole in the notoriously unsecure Java platform to steal personal information. The situation (and the one above) were quickly dealt with by Apple – 2014’s “Rootpipe” infection took seven months to fix in comparison – but the company’s security situation may get worse before it gets better.
Firstly, compared to the overwhelming popularity of the iPad, iPhone, and Apple Watch, macOS holds just a 9.61% share of the operating system (OS) market, according to Statista. Excluding the 7.21% held by Linux and niche OSes like Chrome OS and Haiku, Microsoft’s Windows is installed on 83% of home computers around the world.
With the above in mind, macOS users have historically presented a lower attack surface to criminals than Windows – there’s simply not as much to infect. However, Mac adoption is growing, which means that the device becomes a more enticing target for ne’er-do-wells with each passing month. There were 948 different pieces of malware affecting Macs in 2015, 768 (or 81%) of which appeared in 2014.
Secondly, macOS is a hacker’s paradise. Following years of relying on factors like a low market share and the complexity of Apple’s Unix-based environment as a deterrent to malware attacks, the Mac now “has more high-risk vulnerabilities than all versions of Windows put together”, to quote Bogdan Botezatu, of Bitdefender.
It all sounds a little unpleasant but users are far from helpless in the face of malware and cybercrime.
The obvious panacea to security concerns is to download a suitable antivirus software for Mac. In the past, Mac users haven’t had to educate themselves as urgently as PC users on the topic of not only avoiding but also removing a virus that’s already infected their system, but now is the time to do that. If you’re a Mac user, it’s also a good idea to look into available antivirus solutions more carefully – does your current choice cover all your needs? For example, security company Avira offers a scalable solution (free to £29.99) that has recently been updated to include protection against ransomware. Popular Windows platforms, Norton and ZoneAlarm, also offer options for Mac users.
Unix and macOS both have security features designed to stop users from inadvertently installing malware, like the App Sandbox and Safari’s anti-phishing functionality, and Apple should prevent the installation of anything that isn’t pre-approved by the Cupertino-based company’s App Store (although it is possible to switch the feature off).
However, arguably the best way to stay safe on any platform (and the most overlooked) is to keep even the most unloved piece of software up-to-date – or, if it’s unloved, remove it altogether. For instance, many of Java’s almost daily updates are released specifically to plug security holes in the software, the kind of vulnerabilities that let Flashback in almost five years ago.