( Photo by: Leif Martin Kirknes, Computerworld Norway)
Mac users have for many years laboured under the misapprehension that their machines are inherently more secure than PCs. For a long time, while Microsoft-powered PCs enjoyed stellar success, there was no real way to dispute this theory as time and again Windows was attacked by cybercriminals. However, things are changing in the information security landscape and a new piece of malware called Flashback has highlighted exactly why Mac users need to be more vigilant than ever before.
The Flashback malware family was first seen in September last year. It has been designed to carry out a range of tasks for the attacker, such as recruiting the machine into a botnet or stealing log-in details or sensitive data. The most recent attack began in March and compromised over 650,000 Macs mainly in the UK, US and Canada.
One of the main reasons why the Trojan was so successful is that it’s able to install itself on unprotected Macs without user interaction. The attackers infected several websites to launch so-called drive-by-attacks which only require the user to visit that site in order to become compromised.
Now, Macs are no stranger to malware – we saw the Mac Defender fake AV outbreak last year and more recently the Gh0stRat advanced persistent threat (APT) attacks on pro-Tibetan organisations were uncovered. But Flashback has shown that criminals have now calculated that it’s worth their while economically to target Mac users. To put it simply, Apple is becoming a victim of its own success.
Why should I care?
1) Flashback is just the tip of the iceberg. Security experts have been warning about this for a long time, but attacks against Macs have only just begun.
2) Apple’s built-in security for Mac OS X is not good enough and won’t protect users against the full range of threats in the wild.
3) If you don’t have up-to-date security software on board, even visiting an infected website could be enough to compromise your Mac and risk exposing your sensitive data to a cybercriminal.
4) Apple has been very slow to roll out patches in the past and took around six weeks longer than Microsoft, Adobe and Oracle to fix the Flashback flaw. This makes having good Mac security protection even more important.
What can you do?
When Apple does release a patch for a security issue it’s imperative you install it as soon as possible, to keep your machine fully up-to-date. More importantly though, invest in third-party software to enhance the limited built-in protection offered by Apple. Look for solutions which use cloud-based threat detection systems designed to dynamically protect against malware and malicious links, and stop zero day threats with reputation and behaviour-based technology.
Flashback wasn’t particularly ground-breaking or revolutionary but it was very successful because too many users weren’t prepared. A few simple steps should be enough to keep your Mac secure and your data safe from prying eyes.
Ric Ferguson works for Trend Micro and writes a blog called CounterMeasures. The opinions expressed here are his own.
NOTE: New Trend Micro customers can get a 6-month complimentary* copy of Trend Micro(tm) Smart Surfing for Mac, by visiting the Facebook Security – AV Marketplace or just “liking” the Trend Micro Fearless Web Facebook community.
* = Offer available only in U.S., Canada, U.K., Australia , and New Zealand at this time. Check back for additional countries in the coming months.