Macs More Vulnerable, Spyware A Danger - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:06 PM

Macs More Vulnerable, Spyware A Danger

Enterprises using Apple's Macintosh shouldn't smirk too much over their perceived immunity to the kind of security problems that plague Windows users, a research analyst said.

Enterprises using Apple's Macintosh shouldn't smirk too much over their perceived immunity to the kind of security problems that plague Windows users, a research analyst said.

"It only takes one exploited weakness to cause trouble," said Gartner analyst Martin Reynolds.

Reynolds' cautionary comment comes just a week after Symantec released its semi-annual Internet Security Threat Report, in which it noted that vulnerabilities in the Macintosh operating system were increasing.

And while Symantec noted 37 vulnerabilities in Mac OS X during 2004, it said that companies and individuals using Apple's hardware and OS should prepare for more to come.

"It's clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various UNIX-based operating systems," Symantec's report said. "Symantec believes that as the popularity of Apple's new platform continues to grow, so too will the number of attacks directed at it."

The new Mac mini, aimed at less security-savvy users and projected by some to double the Mac market share to around five percent, is another reason why users should expect more vulnerabilities to surface, said Symantec. "Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code[and] the number of vulnerabilities can be expected to increase, as will malicious activity that targets them."

But although Gartner's Reynolds warns Mac users to take precautions, he's not convinced Symantec's more dire predictions are on the mark. "Symantec's trying to drum up Mac security business," he said.

"Any major security vulnerabilities in Mac OS X are down the road," he said. "The OS is good at keeping out attacks, and Apple has a good patching system. What I would be concerned about is directed attacks or maybe spyware."

Enterprises using Macs should worry about vulnerabilities being exploited by individual hackers and aimed at them explicitly, perhaps by employees or former employees, Reynolds said. "Another potential problem is spyware. Although it's almost nonexistent on the Mac platform today, problem spyware could emerge. Spyware that exploits vulnerabilities would be nearly impossible to get out of the machine."

The traditional Windows-centric method of hackers to gain control is via a mass-mailed worm, but even with its increasing popularity, that's not a likely avenue of attack on the Mac.

"I don't expect to see a worm attack," Reynolds said. "The Macintosh still has far too low of a profile."

Even if, as Gartner estimates, the Mac has about a 3 percent market share, that means any Mac worm wouldn't spread 97 percent of the time. "A hybrid worm targeting both the Mac OS and Microsoft Windows could be developed, but such an attack would be difficult to orchestrate," he added.

Still, it pays be prudent, Reynolds said. "Don't assume that your Macintosh systems are immune. Make sure you have the proper protection, like firewalls and filtering. and guard against spyware infestations."

As if to emphasis Mac OS X's vulnerabilities -- and the patches that it puts in place to plug those holes -- Apple last week released an update that took care of 10 vulnerabilities, including one in its Safari Web browser. Apple now rolls out security updates on a regular monthly schedule.

Apple's latest update can be downloaded from here; Server OS X users should head here instead.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Register for InformationWeek Newsletters
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll