Current trends involving Mac threats indicate that while attempts are on the rise, users remain the first line of defense — particularly as “show up when you want to” (SUWYWT) becomes the future of work.
The security risk remains
In the first few weeks of the pandemic, we saw multiple businesses invest in VPN software and new hardware as they equipped employees to work from home. In the UK, for example, Starling Bank claimed it purchased every available MacBook as the pandemic struck.
Now that working from home (WFH) is normalized, there’s a need to take stock of security concerns and remind employees of good security procedure on all platforms, including Macs. Apple’s platform seems to have enjoyed incredibly strong sales as companies upgraded for WFH, but even with better inherent security those Macs must also be protected.
According to Reed, Mac detections per machine are now almost twice as high as for Windows. “Mac detections for 2019 were about four times higher than 2018,” he said.
There’s a lot of reasons for this, of course, not least that the installed user base of Macs is growing. The other motivation is that the quality and value of the data on those Macs is higher, reflecting the wealthier user base. Numerous banks have consolidated around the Mac, which makes them a tempting target.
Money — or the hope of it — motivates malware makers to get a Mac payload installed.
What’s happening now
Around 84% of the total examples of Mac malware are simply Potentially Unwanted Programs and adware, Reed says. Just 0.3% of identified malware on the Mac is truly threatening. “It’s not a large slice of the pie, but it’s still something to be wary of,” he said.
Most of the malware affecting Macs relies on user error for installation, while the vast majority of the attacks are adware rather than something more sinister.
So, how are these attacks presenting themselves?
- ThiefQuest: Downloaded via torrent file-sharing sites using modified copies of…