Dark Days Ahead for Mac Users?
Jun 13, 2007 4:00 AM PT
From the beginning of the virus wars through the spyware skirmishes that followed, Apple computer users have for the most part been spared from suffering widespread casualties. They have long held a privileged, nearly target-free existence in computerland.
The Unix roots of the Apple core operating system have provided a relatively hacker-free status. That, coupled with the much smaller installed user base, has always made hackers turn to the much more populated field of targets found among the vulnerabilities-laden Windows architecture.
However, the free ride afforded to Mac aficionados over the years could come to a halt at any time. Computer security experts warn that Macland is showing signs of pending attacks. Hackers, driven by organized crime, could soon be aiming their virus and spyware arsenals at the growing number of Apple computer buyers.
"There are and have been a number of vulnerabilities for the Mac but not near that of Windows. The main factor is still going for the higher number of Windows users," David Perry, global director of education for security software firm Trend Micro, told MacNewsWorld. "But we are no longer dealing with traditional hackers. So when does it become marketable for Mac attacks? When is the tipping point going to be reached?"
The traditional view is that Mac computers are more secure than Windows PCs because of Apple's smaller user base, suggest security experts. While that may have been true at one time, it is no longer a hard and fast rule.
"That is a real interesting question. Hackers used to seek fame and went after low-hanging fruit -- Windows," Paul Henry, Secure Computing's vice president of technology evangelism, told MacNewsWorld. "Now hackers work for crime syndicates to get user information for theft or sale."
Being safe and secure on a particular computer platform is no longer a question of whether the largest number of users are the only target, Henry added. The bad guys are just after a kill and are considering new attack targets.
"Attacks now tend to be more targeted at very finite groups of people. I don't see massive attacks on Macs. But we will see industrial espionage, so hackers are changing their routines and are going after information regardless of the platform," Henry warned.
That reality should make Mac computer users take notice, he believes. Hackers will target Macs for the potential cash prize such a task could hold. The criminal enterprise wants that data, he said.
The notion that Macs are more secure because they have fewer users and thus are not attractive targets is known as security through obscurity, noted Symantec's Mac security specialist Mike Romo. "This is not true anymore," he insisted.
While Mac users have to be more aware of security issues today, they also should be able to separate facts from fiction when it comes to potential security risks, argued Romo. There is no impending doom for Mac users, he predicted.
Much of the concern about new Mac security threats stems from fears that the new Apple products could create an opportunity for new attack sectors, he explained. That could be why there is suddenly more interest about Mac security.
"There has been a tremendous influx of Windows users [switching to Macs] lately, and they are more used to talking about such issues," told Romo MacNewsWorld. "The installed Mac user base is expected to double in the next two years as the price drops."
That could bring about the tipping point making Macs a better target, especially when you consider that Mac users intermingle with more virus-prone Windows users on the Internet. Computer users are now connected all the time, so the Internet is becoming a shared operating system, according to Romo.
"That space is where Mac attacks could originate," Romo said.
In order to understand the growing concern over the potential for Mac attacks, users need only look at past hacker and user behavior. For example, in the past, the attack sector changed when older technology went away, said Trend Micro's Perry.
For instance, boot sector viruses in 1995 were eliminated by going to other media and getting rid of floppies. However, the pendulum swung back 100 times worse each time a new attack sector developed with the introduction of new equipment, he noted.
"Yes, hackers can form an attack for Macs. But Apple is quick to patch vulnerabilities because the company controls all the hardware universe, not just the operating system," Perry said. "Macs are actually stronger because of this. They are able to hide in plain sight."
Still, Perry is not taking any chances with security. He recently installed antivirus applications on all of his Mac computers just to be sure.
"In this age of targeted attacks, you have to look at security with a new purpose," he warned.
List of Best Practices
The Macintosh computer line has historically been one of the most secure computers available. Recent market share increases, the media spotlight and even Apple's own advertising campaign have combined, however, to focus added attention on Macintosh Internet security, according to Alan Oppenheimer, president and founder of Open Door Networks. To allay those concerns about the Mac's security, Open Door developed a list of the top 10 actions Mac users can take to insure safe computing practices.
"Up to a year ago it was accurate that the Mac was secure without any worries. But now bad things can happen to your Mac. There are no known Mac viruses yet, but there could be and probably will be," he said.
Intel Chip Worries
Security experts agreed that the recent switch to the Intel processor, giving Macs the ability to run both the Mac and Windows operating systems in separate partitions, is raising some new security concerns.
"The Mac is not theoretically immune to vulnerabilities but is very resistant to them," said Oppenheimer. "Almost all Windows vulnerabilities are limited to the Windows OS, not the Mac OS."
A vulnerability or virus infection that affects the Windows operating system is not likely to cross over to infect the Mac partition, noted security experts, because the architecture is not the same.
Just because it's never been observed, however, does not mean it's impossible.
"Never say it's impossible for a virus to jump the partition. It just hasn't happened yet," said Trend Micro's Perry.
Putting Intel chips in Macs did open a channel for hackers, conceded Oppenheimer. However, hackers have never learned how to hack into the Power PC architecture, he explained. Still, the underlying exploit code could be similar.
Three factors are now increasing the potential for Mac attacks, according to Oppenheimer. One, the user has to be running the Intel chip. Two, Apple's market share has grown. Three, TV commercials are practically challenging hackers to respond when they boast that Macs enjoy airtight security.
"A 5 to 10 percent shift would be more interesting to bad guys," said Oppenheimer.
The very successful Mac marketing campaign on TV could produce a double-edged sword for Apple. Selling more Mac computers can change hackers' dynamics, Oppenheimer pointed out. Still, it is an interesting debate about how having more Mac users could effect the platform's security, Perry believes. If the population of Mac users to Windows users were reversed, he is not sure that Macs would continue to be safer.
Oppenheimer is sure, though, that there will never be the risk potential that Windows has.
"So far the Mac has a near-perfect record. There is some potential for concern, but the sky will never fall on Mac users over the security issue," Oppenheimer insisted.