Fortinet, a global leader in high-performance cyber security solutions, cautions that Apple devices have recently become attractive targets for cyber attackers due to their fast growing popularity and user demographics.
In many organizations today, C-suite executives and marketing teams are more likely to use Macs. These individuals not only share valuable information, they are also very often less technically savvy and therefore, less likely to back up their devices, encrypt stored data, or abide by security best practices.
New attack opportunities and threat vectors are also making the targeting of Mac devices easier and more attractive. For instance, Fortinet’s FortiGuard Labs threat research team is starting to see the development of hacking tools that target cross-compatible software.
In addition, it has become easier for cybercriminals to scale up their operations against Macs. Due to the rise of cybercrime-as-a-service, cybercriminals have started building malware “franchises”. Instead of targeting Macs one at a time like in the past, criminals can now leverage pre-built technology to attack vast numbers of potential victims in exchange for sharing profits on the back end. While ransoming one device may not be of much financial value to professional cybercriminals, owning hundreds of franchisees targeting thousands of devices every day most certainly is. At the same time, such an opportunity appeals to many small-time players, such as lone-wolf hackers working out of their parents’ homes.
“When it comes to security, the only constant is change, whether it is the way networks are evolving or how these changes are creating new opportunities for criminals,” said Aamir Lakhani, Fortinet Senior Security Strategist. “It is imperative that companies approach security from a holistic perspective. This includes making sure that every device is protected across all threat vectors, including Mac devices that were thought to be secure.”
In response to this new wave of brazen ransom-ware attacks, Fortinet recommends Mac users to take the following preventive measures:
Apply patches and updates. Apple regularly provides security updates. Users must make sure they take the time to apply them.
Backup your device. Apple’s Time Machine service will automatically create full system backups, which means that should a system get ransomed, one could simply wipe the device and perform a full system restore from backup. Regularly scan backups for vulnerabilities and store these backups offline. Offline storage is vital because Time Machine backup systems are often persistently connected to the device being backed up, and risk being compromised during an attack.
Encrypt data stored on device. While this may not be effective against many ransom-ware variants, it is still a good practice as it can protect an organization should any device become infected with malware that is designed to steal files and data.
Install an endpoint security client. Look for endpoint solutions that will not only protect your device, but tie that security back into your network security strategy, allowing you to leverage and share threat intelligence to better protect your device and its assets.
Deploy security that covers other threat vectors. As email is still the number one source for malware and infection, ensure that a robust email security solution is deployed. The same is true for web security tools, wired and wireless access controls, cloud-based security, and network segmentation strategies that help detect, isolate and respond to threats found anywhere across a distributed environment.