Industry Updates

Mac Users – You’re Not Safe

robot-707219_300x225If you’ve heard it once, you’ve heard it a thousand times. Mac’s are just “safer” than PC’s. They’re less prone to viral and other types of hacking attacks. This has, in fact, been a major selling point for the machines, and Apple has used it to good advantage.

The problem is, it’s not true, generally speaking.

What is true is the fact that pound for pound, Macs have better security overall, but that’s like comparing security systems at Target and Sony. Neither was safe. Both were vulnerable. The real reason that Macs looked and felt safer for much of the company’s history was the fact that there were so few of them in service, relative to the number of PC’s.

The Hacker POV

Think about it from the perspective of the hacker. Your goal, when designing a virus, is to build something that will penetrate as many systems as possible and spread quickly. Why would you want to build a virus that would only be effective on a tiny sliver of the market? The main reason that hackers never bothered was that it wasn’t worth the effort. There just wasn’t enough bang for the buck.

The landscape began changing when Apple introduced the iPhone. Suddenly, there were millions of devices in operation using Apple’s OS, and its security features began being tested because it suddenly made sense for the hackers to target them. This is, in fact, what we’re seeing today.

Enter Thunderstrike

The name of the new firmware worm is actually Thunderstrike 2, named after an earlier iteration (Thunderstrike). It’s especially insidious because it can bypass every known form of security, and even worse, it can infect machines that aren’t even connected to the Internet.

The reason? Because the worm lives in firmware, it can infect things like flash drives that people are inclined to share. If you put some work files on a thumb drive and give them to a coworker, you’ve just infected that person’s computer, assuming Thunderstrike 2 is in residence on your drive.

Given the severity of the worm, you can bet that Apple is already taking steps to cut it off at the knees, but this certainly won’t be the last successful breach of Apple’s legendary security. There are just too many devices around the world these days that use the OS. It’s a target too tempting to ignore for the hacking community.

In the immediacy, there’s little you can do. Current software won’t even detect the worm. Just be very careful who you share thumb drives with, and watch Apple’s sites for security updates.