Evolving threats to Mac environments

Mac users exercise less caution, says Secdo security evangelist Mitchell Bezzina, which means there is a higher risk of exploits and malware infection.

It was inevitable: Mac's emerging vulnerability to hacks. Secdo security evangelist Mitchell Bezzina spoke to TechRepublic's Dan Patterson on how to handle ransomware. The following is an edited transcript of the interview.

Dan Patterson: Mitchell Bezzina, you are the security evangelist for Secdo. Let's talk a little bit about emerging threats for the Mac. Mac, of course, is making big inroads with business technology. What does the Mac security landscape look like?

Mitchell Bezzina: Look, it's constantly changing, very similar to the Windows landscape. To put it in a few words, the unfortunate side of the Mac world is that it's being used by a lot of execs for the time being, and, unfortunately, the view on Macs is that they don't fall victim to the same exploits and vulnerabilities that Windows do. It's very typically the same as Windows, it's just lesser known and lesser focused on.

Dan Patterson: What kind of threats exist?

Mitchell Bezzina: Across the same portion as Windows, malware, Trojans, ransomware is even starting to attack Macs as well. An important and interesting malware that's quite recent and famous is the OSX malware that actually infected distribution servers for an app. Basically, the distributor has a legitimate app, but when installed, it created a boot-persistent Trojan that communicates with C&C servers and that allows the distribution of other malware and, obviously, access to the system.

Again, that was a legitimate application and it just embedded itself using a known vulnerability, and because they're less known and they're less looked after and there's fewer security specialists for Macs, their attack campaigns and their use of that distribution method actually last a lot longer than typically on Windows because they're not found as quickly.

Dan Patterson: I'm glad you mentioned that Macs have the perception of being safer and more secure. I wonder if you can help understand the reality here. Is it the Mac architecture is less vulnerable or is it simply security through obscurity?

Mitchell Bezzina: Probably a little bit of both. Apple does have a good job of locking it down; it's less open, unlike the PC architecture that more people are using and very much more open. But then there is a relative amount of obscurity as well. Again, it seems to be that Mac users tend to be, in business anyway, the executive team because Windows machines are cheaper and more distributed. Then because there's a fewer caution, it's a smaller problem, so to speak, for the security team itself. Unfortunately, what that actually means is that there's actually more high-risk data on that smaller group of laptops, but it gets attention.

Dan Patterson: Does this extend to iOS as well or are the threats particular to the Mac OS ecosystem?

Mitchell Bezzina: Absolutely it extends to iOS as well. It's the same premise as well. There's probably just slightly fewer iOS users in the world. U.S. tends to be a higher user-base than Europe, for argument's sake, and the Android phones tend to be a little bit more vulnerable because of their open nature, but the same attack vectors still exist on iOS.

Dan Patterson: Often we talk about what firms, what companies, whether they're SMBs, start-ups, or enterprise companies, can do to defend themselves, but for execs, what specific steps can they take to make sure that their Mac environment is secure?

Mitchell Bezzina: For execs, specifically, there's a couple things. First of all, I only download apps from the app store itself. Even if you're going to someone's website, let's say, a distributor of applications, try not to download the app from there. Go back to the Apple Store and download the app itself. That plays relevance back to that example I provided where that came from a distribution site, rather than the Apple Store, who put in security checks in place before and after it is uploaded.

The second one's probably another one that's interesting is, because that belief that it's more secure, there are very few Mac systems that actually have any malware or any virus installed, so go out and grab one of those and get them installed or at least, from your enterprise, make sure that you're with an AV vendor that supports Mac just as much as they support Windows.
