Like true love, MySpace, and, uh, drum pants, macOS malware does, in fact, exist, no matter how many people doubt it.
“Despite prevailing opinion, macOS is not a ‘safer’ platform,” said a January threat report from the cybersecurity services and software provider BlackBerry.
Telemetry from BlackBerry found that 34% of client organizations using macOS had the malicious adware Dock2Master on their network (and 26% of machines had the application installed).
“This is not an urban legend…People say, ‘There’s malware for Macs, but we haven’t seen it.’ No, we are seeing it, and we’re seeing it in enterprise environments,” said Ismael Valenzuela, VP of threat research and intelligence at BlackBerry.
Mac attacks are no folk tale, thanks to cross-platform code. The popular programming language GoLang (Go), for example, allows developers to write statements just once before they are then interpreted on different platforms—including macOS. In its report, Blackberry noted an increase in the use of GoLang to target macOS systems with malicious spam emails.
Some of the Mac-specific malware found in the threat research:
- Adware: What looks like a legitimate application may, in fact, be an unwanted, ad-serving application like Dock2Master.
- Browser hijackers: Like their names suggest, these tools can steal the credentials and credit card information entered during sessions.
- Proxy malware: With support from programming languages like GoLang, which work with proxy libraries, this type of Trojan code turns infected machines into a malicious intermediate server.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Safe or out? So, what explains the “prevailing opinion” that Macs are secure? Apple machines have a relatively closed-off structure, said Valenzuela, and they don’t require as much backward compatibility as Windows machines.
Macs, no longer hiding in the enterprise shadows, have become a business preference, especially for a younger group of employees who know Apple devices. A Cisco survey, conducted by the data insights company Creative Strategies found that 59% of new hires are choosing a Mac, and 65% of employees eligible for a new laptop are choosing one, too.
“We continue to see the growth of Mac in both individual and business use. So, it’s becoming a greater potential value target,” said Doug Glair, director of the cybersecurity practice at the advisory ISG, who recommends that IT pros in charge of Apple devices engage in familiar best practices: Patch, educate employees, and shift from legacy network-centric based protections to individual access authorizations for each transaction.
Valenzuela also suggests granting as little privilege as possible per user, as well as adopting unified endpoint management tools, which manage all workstations, laptops, and mobile devices in one console, and across multiple platforms–macOS and more.
Because really it’s not about Macs being safer or not.
“No platform is safe,” said Valenzuela.—BH
Do you work in IT or have information about your IT department you want to share? Email [email protected].