Is It Time for a Mac Attack?

After years of successfully dodging the vast majority of viruses, spyware, ransomware and other malware typically directed at PCs, it seems that Mac may be nearing the critical mass necessary to attract cyberthieves. It’s definitely getting closer.

According to AppleInsider,

“In the fourth quarter of 2016, Apple saw a 4.5 percent increase in shipments…as the wider PC market fell further into the red.”

To put it simply, Macs are becoming more popular, and that shouldn’t come as a surprise. Visit your local coffee house and you’ll probably find the vast majority of patrons are sipping their lattes while staring into a silver laptop with a glowing apple on its back.

But there’s a downside to the glow. Being in the spotlight can make you a target, and an overall market share of seven percent might be the tipping point that makes the development of Mac OS-directed malware worthwhile for cybercriminals.

Mac Users Warned About New Malware Variants

Last week, cyber security experts warned Mac users of two newly discovered malware programs on the Dark Web built specifically for Apple Mac computers and allegedly designed by professional software engineers. These programs were being delivered as Malware-as-a-Service (MaaS) offerings with the opportunity for attackers to customize them to fit their specific needs.

The first, MacRansom, was a ransomware program that encrypts data stored on the machine, and decrypts it only after a ransom payment is provided. The second was a spyware program designed to monitor and record user activity, including screenshots and a log of all key strokes and send the resulting data back to the attacker. Both were made available at no cost, and any ransom collected would be shared between the malware authors and the criminals that successfully exploit it.

Researchers were able to get hold of a sample for analysis and the good news was that the encryption was amateurish when compared to other variants in the wild today. The bad news was that the decryption keys were so poor that successful decryption would be unlikely – data would be unrecoverable whether ransom was paid or not.

Mac Management Best Practices

Now, it’s not time to run to your underground bunkers just yet. McAfee estimates that there are just under half a million pieces of malware searching the Internet for Mac victims. But that still pales in comparison to the more than 23 million malicious programs targeting PCs. If you’re using a Mac, you’re still far less susceptible to any attack, but precautions are becoming increasingly necessary. Those precautions should include:

  1. Back up your data — religiously. Ransomware programs typically don’t steal your data. They encrypt it and sell the encryption keys back to you. So, if you’ve got all your data backed up, you’re not a very good victim.
  2. In concert with number one above, find a solution to automate this process. Stop trying to remember, and stop saying you’ll get to it next week. Set up an automated backup solution today and then forget about it — until you need it.
  3. On the enterprise side, you need to keep any and all malware out of your organization. You can do so by:
    • Training and constantly reminding employees to be vigilant.
    • Carefully managing employee identities with tried and true technologies like two-factor authentication.
    • Always following a model of least privilege so that if thieves do manage to get into your network, their access is limited as much as possible.
    • Providing a comprehensive enterprise app store for employees, allowing them to have secure access to all of the trusted and approved applications needed without providing them admin access to install potentially malicious apps.
    • Eliminating the re-use of a single local admin password on all endpoints that can be used to spread malware to additional systems
    • Having a comprehensive (enterprise wide) backup and recovery plan in place.

Ransomware is the new black: In one 2016 study, more than half the companies surveyed had experienced a ransomware attack in the last year, and 40% of them paid the ransom demands. Whether you’re on a Mac or a PC, user beware.

Learn more about protecting your Mac in the enterprise here