Malware Hackers Target OS X Users

April 17, 2012

Apple computers have often been considered safe from hackers, but recent malware attacks on OS X systems have Mac users scrambling for security updates, according to an article from Wired.com.

To clarify, Macintosh operating systems have always been considered fairly insulated from hackers, but only because the OS X platform was not attracting criminal attention. Formerly, more than 90 percent of the desktop market share went to Windows, so that's where cybercriminals would focus their time. However, with the influx of Apple technology (MacBooks, iPads, iPhones: all popular "Bring Your Own Device" systems), the number of threats against these systems has risen.

The latest Mac security threat exploits Microsoft Word programming to give a remote attacker the ability to plunder infected systems and steal data by hand, the article says. This exploit has been around for three years, and it's completely preventable if the user has completed all of the latest security updates. However, given Mac users' historically lackadaisical attitude toward security, Wired reports, computers are often left for years without updates or patches.

Cybercriminals haven't invented any new methods to hack specifically into Mac operating systems, but instead they use cross-platform programs as a gateway, such as Microsoft Office, Adobe PDF products, Java and Flash. Malicious coders target these programs because they can infect across different systems with the same code.

From a security standpoint, it's imperative to keep any company-use computers or devices as up-to-date as possible. Even if the device belongs to an employee, if it is being used for company purposes, hackers might be able to infiltrate confidential files. Instead of pulling any BYOD policy, Wired offers several tips on how to better secure Mac OS X technology. We've included a selection of those tips below.

Create a non-admin account for daily use. The default account on Mac computers is an administrator account, which can give hackers access to more information.
Use a web browser that frequently updates to solve security problems. Wired recommends Google Chrome.
Don't ignore the "Software Update" application. It should pop up every time there is an update, or weekly for Microsoft Office. Update whenever you can.
Use a password manager program to cope with phishing attacks. Mac's Keychain application allows users to use multiple, harder passwords for various accounts, so you don't have to use the same password for everything or several easy passwords.
Disable Bluetooth and AirPort whenever possible, as these are key entries for hackers.

Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead this session and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.

Protecting employees from potential exposure could be a daunting task, but with the right property technology, your office space can become an interactive and responsive asset that helps you ensure new health protocol compliance.