Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Monday, 10 January 2011 17:18

2011 tipped as the year of Mac malware (again)

By

If you keep betting on the same number of a roulette table, you're sure to win eventually - right? But the behaviour of malware merchants is not a random process.


It seems as if security companies have for years been predicting a significant uptick in malware for Mac OS X, but each year passes with no significant outbreaks, despite the number of security patches needed by the operating system (and in some cases significant delays between a vulnerability being reported and Apple delivering a fix).

I must admit to being in the camp that says "yes, it could happen one day," and that's why I've been running antivirus software on my Macs for at least a decade. (Let's not get bogged down in semantic arguments about viruses vs Trojans vs whatever - we all know what we're talking about, and the Mac AV products I've looked at do detect Trojans.)

It seems to me that if there is a significant outbreak of Mac malware, I have more chance of avoiding it if I already have AV software running with frequent checks for updates than I would if I waited for news of an outbreak and then took action. Cost doesn't come into the argument, as there is a choice of free AV programs from major vendors.

But here's what McAfee officials said today:

"Apple: No longer flying under the radar
"Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence."

So what's changed in the last year or so? Please read on.




As far as the Mac is concerned, not a lot has changed since this time last year. Sure, sales have increased, but it's hard to claim that a threshold has or soon will be reached that suddenly makes it financially worthwhile to develop Mac malware.

And given the general shift from old-school viruses that spread via infected files or removable media, the idea that the Mac population isn't sufficiently dense for malware to spread is no longer relevant.

So I talked to Michael Sentonas, McAfee's Chief Technology Officer for the Asia-Pacific region. "We are seeing more Mac OS X malware coming through [McAfee Labs]," he said., specifically code that co-opts systems into botnets, fake antivirus software, and banking Trojans (as well as more general password-stealing Trojans).

"Slowly we're seeing ports of the common malware" to Mac OS X and mobile platforms, he explained.

"It's so easy to port any code across to [iOS devices] so the risk exposure will become a lot greater over the next 18 months," added Sentonas. Jailbroken iOS devices present more fertile ground for attackers, but if there weren't any vulnerabilities in the platform jailbreaking wouldn't be possible.

He also suggested that the growing number of application stores for various platforms will have an effect. "We will start to see more malware that will target [specific] apps," he said, suggesting that users need to be less trusting.

CONTINUED



However, it is worth noting that Apple carries out a degree of screening of applications submitted to the App Store and the Mac App Store, but some other stores such as the Android Marketplace are not curated.

Sentonas also suggested that people should show more concern for the privacy of their personal information. While it isn't usually too difficult  to clean up an infected computer or other device (as long as an adequate backup regime is in place), recovering from a case of identity theft or fraud is more of a problem.

 

CHIEF DATA & ANALYTICS OFFICER BRISBANE 2020

26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more

DOWNLOAD NOW!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments