Any remaining complacency about security among Mac users should have evaporated with the arrival of the Flashback Trojan, says Rik Ferguson.
The now notorious Flashback Trojan has hopefully, once and for all, exploded the myth that Macs are both more secure and less likely to be targeted by cybercriminals than PCs.
We’ve seen Mac malware in the past, of course. But both the scale of infections with Flashback and the disappointing response from Apple should be a wake-up call for any enterprise still labouring under the same old misapprehensions about Mac security.
First spotted back in September 2011, the Flashback malware is designed to establish a back door on a compromised machine through which it can install payloads to do things such as steal sensitive information or turn the computer into part of a botnet. The most recent attacks began in mid-March and were so successful that more than 650,000 machines were compromised in countries such as the US, Canada, and the UK.
One of the main reasons why the Trojan was so successful is that it’s able to install itself on vulnerable Macs without user interaction, in so-called drive-by attacks that only need a user to visit an infected site to become compromised.
Now, Macs are no stranger to malware. We saw the Mac Defender fake AV outbreak last year, and more recently the Gh0st RAT advanced persistent threat (APT) attacks on pro-Tibetan organisations were uncovered.
However, Flashback has shown us that the criminals are really looking to turn up the heat on Mac users and target the platform with tried and tested techniques that have worked so well for them with the PC.
So why should firms be concerned about Mac security?
- Macs are only going to get more popular, thanks in part to the success of the iPhone and iPad, and cybercriminals always follow the money. As the user base grows, the ROI for launching attacks becomes more compelling for the bad guys.
- In-built Mac security software is woefully underpowered and built along traditional file-signature update lines. Put simply, it will not stop many threats, including zero-day attacks.
- Mac users often credit themselves with being more tech-savvy than PC owners. Whether or not this perception is justified, attacks such as Flashback render the distinction spurious. User intelligence is very often not a factor in drive-by attacks, and besides, intelligent users don’t leave their machines unpatched and unprotected.
- The advance of consumerisation in enterprise IT, thanks to devices such as the iPhone and iPad, has pulled Macs into the heart of the workplace. Unfortunately many BYOD policies do not offer the same level of technical support for employee devices and place the burden of securing the machine on the shoulders of the individual. Firms can’t carry on with this head-in-the-sand approach.
- Apple was widely criticised for its tardiness in rolling out a patch for the known Java vulnerability exploited by the Flashback attacks. In the end, it came six weeks after Microsoft, Adobe and Oracle released their fixes. Cupertino does not release regular bulletins. It does not rate vulnerabilities and doesn’t discuss security issues until patches are available. OS X is too popular now to continue with this outdated strategy.
What Mac organisations need to do
Firms need to extend the same protection to all devices — whether Mac or PC, employee or company-owned — that connect to the corporate network and manage them through a single, unified console. Patches must also be applied as soon as they are available.
Perhaps the most important point, though, is to invest in security software that does more than check for known bad files and can also prevent users from following links to, or being redirected to, malicious web pages.
Companies today need security that defends against zero-day threats thanks to cloud-based threat-detection technology, which dynamically checks for reputation and behaviour as well as known malicious files. Flashback didn’t use ground-breakingly new infection techniques or code but simply worked because too many Macs weren’t protected.
Rik Ferguson is director of security research and communications, EMEA, at Trend Micro. He has more than 15 years’ experience in the IT industry with companies such as EDS, McAfee and Xerox.