31 years ago, the first PC computer virus as we know it today, the 'Brain Boot Sector Virus', was released - opening the floodgates for the volume of viruses and other types of malware which followed and have plagued PC Users and IT Professionals alike ever since. Those running Apple computers though, come off relatively unscathed and thus the belief is born that Apple systems are immune to these malicious programs.
Fast forward to today though, and times have changed:
- No longer are 'viruses' written by guys in their Mum's basement who are just looking for a laugh or a way to pay homage to their favourite TV shows, but instead, those individuals responsible for the vast majority of malware in existence today are professional, large scale enterprises - typically backed by organised crime syndicates.
- No longer are the number of Apple devices in use too low (<1%) to justify the time and effort needed to create an application specifically for that operating system, but rather, Apple Computers & Laptops now represent almost a quarter of all units sold.
- No longer do malicious programs rely on disk exchange for file sharing or computers being connected through a local area network (both of which were notoriously difficult to accomplish on early Apple computers) in order to spread themselves. Instead, almost every computer in the world is now connected to the malware minefield that is the Internet, and everyone has at least one email address.
Unfortunately though, some things haven't changed: namely the belief by Apple users that they are immune to all forms of Malware - despite many recent public outbreaks proving this is definitely not the case. Most notable of these was the Flashback Trojan a few years ago which infected over 600,000 Mac computers - which was a very large portion of the user base at the time.
Likewise, the 'MacDefender' (later, 'MacGuard') Trojan which falls into the 'Fake Anti-Virus' category we see so many of today, infected large numbers of Mac users by pretending to be a useful program in order to have the user install it, only to then ask for payment at which point Credit Card details were harvested.
Mac's also aren't immune to the current Ransomware blight that is causing all businesses to review their Backup & Disaster Recovery policies either - 'KeRanger' was a Ransomware application specifically written to target computers running OS X and distributed itself through a popular BitTorrent Client.
Of course, all of these malicious programs can only exist due to vulnerabilities that exist in the operating systems & other software running on these computers - no vulnerabilities means no potential exploits. Unfortunately though, as the site CVE Details (which compiles information on Common Vulnerabilities and Exposures - or CVEs - from the National Vulnerability Database) shows, Apple's Mac OS AND its iPhone OS were in the Top 5 of the 'Top 50 Products by Total Number of "Distinct" Vulnerabilities' in both 2015 and 2017 - indicating there is likely to be plenty more exploits of these vulnerabilities yet to appear.
Because of this, it is essential that Apple Users follow the same safe computing practices that PC owners have been keeping up for years - namely:
- Keep your operating system and other software (Java, Adobe Flash, Chrome) protected from known vulnerabilities by installing all available updates.
- Protect against the unknown vulnerabilities by installing a professional Anti-Virus/Anti-Malware program for your chosen operating system from a reputable vendor.
- Avoid using Peer-to-Peer/BitTorrent programs for applications - there is no telling what another user has potentially done to the file before making its way to you.
- Practice safe email by not opening emails or attachments from organisations or individuals you don't know or aren't expecting.
If you would like to know how to protect your corporate network from the potential threats of an un-protected Apple Device, please contact the Altitude Innovations Team to discuss your available options.
Written by James Mills