Mac malware risk
Its time for our customers and macOS users to take the threat seriously. The risk is real and we have an answer.
by Scott Morabito
For as long as I’ve been working in IT and Apple, customers have always asked me whether they need to worry about viruses and malware on the Mac. Whenever I was asked that question I would recall the days of MacOS 9 when there existed a worm that traveled between floppy and ZIP drives infecting random files. Back then, antivirus products were barely available for Windows, and completley non-existent for Mac. My reply to customers all of these years has been relayed with a combiation of confidence and pride: “Macs are not a target”.
When the iPhone gained traction, I had concerns that the prevalence of the device would make it a target – and it was. The good news is that iOS is very secure due in large part to the required curation of apps that can be installed. Although the iPhone is a big target, the security and features sets keep them protected.
Macs, however, are another story. Unlike iOS which was developed from scratch by Apple in the 200o’s, macOS 10 was build from UNIX. The whole point of UNIX was for research and development purposes a.k.a “power users”. A creator of malware of viruses can be referred to as a nefarious power user. In other words, the ability to do powerful things is at the core of the OS.
Even though macOS (previosly known as OS X) has been a potential target, the have not been many exploits written and extremely low relative to Windows. Anectodatlly, almost ever Windows users I’ve known has had some sort of massive system corruption over the years due to malware. Working in the Apple IT industry, I honstley cannot recall once incident like this.
A few things have changed over the last year that have elevated my concern for macOS users. The PC market share for Macs is hovering between 12% and 14%, up from 4% 10 years ago.
I see the effect of this every day with organziations I work with. I have the opportunity to regularly work with Fortune 500 and Fortune 1000 companies and they are rolling out (and relying on) fleets of Macs in places you’d never imagine 10 years go. As number of Macs grow, they become a larger target.
Another change we’ve seen has been the increase in Malware written for macOS. One antivirus vendor McAfee reported a 744% jump in malware in last year. They admit most of this was Adware, but these are big numbers. [https://9to5mac.com/2017/04/06/macos-malware-mcafee-threat-report-april-2017/]
Last year we also saw the first real ransomeware delivered on a Mac via the Transmission app (used for bittorrent file sharing) and more recently a very popular video compression application Handbreak was infected with malware. It should be pointed out that these applications were not Apple AppStore apps, but these are applications that my customers use.
At this point it is safe to assume we don’t know where the next attack will come from. Now that the risk is real, its my job to communiate this risk to my customers and provide them solutions.
At TechTonic, we have developed a security strategy that includes an action plan for malware and antivirus. Its not 1999 anymore.
Scott Morabito is a technologist and founder of TechTonic. He was trained as a computer scientist and resides in Concord MA.