Is Apple macOS cyber safe
Apple macOS has for years carried a perception that it is safe and even immune to cyber threats and attacks. Is this still true? If you own a Apple computer do you need to be actively engaged in protecting it from cyber threats.
This is the conclusion from ESET, an Internet Security firm regarding Apple computers in a whitepaper they published - “Apple’s macOS currently belongs to the safer spectrum of the operating systems on the market. Regardless of the security shortfalls, the manufacturer offers a very good security architecture that is constantly being updated and developed”.
In the whitepaper exploring Apple's security profile ESET talks through the beliefs that people have regarding Apple security that could lead to being open to an attack. They list the beliefs as follows:
1: There’s no malware for macOS
2: macOS is secure by design
3: Those few vulnerabilities don’t mean anything
4: Hackers are not interested in Apple
5: Macs don’t need a security solution
SentinelOne in a blog post list 10 myths about Apple security
1: I don't need to update my system
2: Mac Malware is Rare
3: Adware is not dangerous
4: Apple is all the security you need
5: I would know if my Mac was infected
6: My data is safe on my Mac
7: Criminals are not interested in Mac users
8: Nation- States dont target Mac
9: Apps downloaded from app store are safe
10: The best security apps are in the app store
The busted myths by ESET and SentinelOne should be enough to convince an Apple user to take security seriously. Apple themselves do the best they can to take security seriously. The individual end user is key in protecting the system. If the end user does not take their role seriously the system vunrability is significantly increased.
The problem with cyber crime is that it involves criminals doing things that they should not be doing. They don't play by the rules. There is no reason for them not to target the Apple operating system. It all depends on the perceived pot of gold for them. As there are more mac"s around the potential pot of gold has increased.
There’s no malware for macOS
This does not seem to be the case as Apple sales have increased so has the interest in the Cyber Criminal activity. Over the year 2021 10 new targeted macOS malware families have emerged.
“Each week, Apple identifies a couple of pieces of malware on its own or with help of third parties” - Craig Federighi – Apple’s VP of Software Engineering
macOS is secure by design
As a company Apple are aware of and go to great efforts to create a product that is cyber safe. The product has multiple layers of protection built into the architecture. But there are still struggles for example Big Sur which was the seventeenth major release of the Apple macOS released on November 12, 2020.
Between macOS Big Sur 11.0 to 11.6 there has been over 200 security updates. Some being critical. These updates demonstrate that Apple work quickly and are diligent about security. However there are holes in the system.
Hackers are not interested in Apple
Pre iPhone this may have been true. The success of the Apple computer has brought with it an increase in the number of users. This increase is especially true of business users.
Apple report that Mac Sales make up more than half of their sales
I would know if my Mac was infected
Most users become aware that they have been infected after the damage has been done. Users are not looking through files and binaries to identify changes that have been made and if the changes were authorised. Users have their day job work to get along with.
But if a user was to deep dive, the native tools don't give enough information these days to get to a real understanding if there is an infection. 3rd Party software would need to be installed to get the full picture.
The Matrix Attack Framework which identifies vulnerabilities and attack techniques show the following for the macOS environment
While Apple's environment is safe it is not enough to believe you are protected just because you own an Apple computer. You need to take appropriate steps to protect your Apple environment from being compromised.
So what are the appropriate steps?
Safety Detectives give a list of actions that a Mac user should do to be cyberspace.
Activities include
Proper backups
File encryption
Two factor authentication
Use of password manager
Use of VPN
Use of ad and tracking link blockers
Use of a Mac antivirus software
Change default settings
Keep your system updated