Wazzup Pilipinas!
Apple
devices no longer safe against security breaches as new attack opportunities
and threat vectors make Macs an easier target
Fortinet,
a global leader in high-performance cyber security solutions, cautions that
Apple devices have recently become attractive targets for cyber attackers due
to their fast growing popularity and user demographics. In many organizations
today, C-suite executives and marketing teams are more likely to use Macs.
These individuals not only share valuable information, they are also very often
less technically savvy and therefore, less likely to back up their devices,
encrypt stored data, or abide by security best practices.
New attack opportunities and threat vectors are also making
the targeting of Mac devices easier and more attractive. For instance,
Fortinet’s FortiGuard Labs threat research team is starting to see the
development of hacking tools that target cross-compatible software.
In addition, it has become easier for cybercriminals to scale
up their operations against Macs. Due to the rise of
cybercrime-as-a-service, cybercriminals have started building malware
“franchises”. Instead of targeting Macs one at a time like in the past, criminals
can now leverage pre-built technology to attack vast numbers of potential
victims in exchange for sharing profits on the back end. While ransoming one
device may not be of much financial value to professional cybercriminals,
owning hundreds of franchisees targeting thousands of devices every day most
certainly is. At the same time, such an opportunity appeals to many small-time
players, such as lone-wolf hackers working out of their parents’ homes.
“When
it comes to security, the only constant is change, whether it is the way
networks are evolving or how these changes are creating new opportunities for
criminals,” said Aamir Lakhani, Fortinet Senior Security Strategist. “It is
imperative that companies approach security from a holistic perspective. This
includes making sure that every device is protected across all threat vectors,
including Mac devices that were thought to be secure.”
In
response to this new wave of brazen ransomware attacks, Fortinet recommends Mac
users to take the following preventive measures:
1. Apply
patches and updates. Apple regularly provides security updates. Users must
make sure they take the time to apply them.
2. Backup
your device. Apple’s Time Machine service will automatically create full
system backups, which means that should a system get ransomed, one could simply
wipe the device and perform a full system restore from backup. Regularly scan backups
for vulnerabilities and store these backups offline. Offline storage is vital
because Time Machine backup systems are often persistently connected to the
device being backed up, and risk being compromised during an attack.
3. Encrypt
data stored on device. While this may not be effective against many
ransomware variants, it is still a good practice as it can protect an organization
should any device become infected with malware that is designed to steal files
and data.
4. Install
an endpoint security client. Look for endpoint solutions that will not only protect your device, but tie that
security back into your network security strategy, allowing you to leverage and
share threat intelligence to better protect your device and its assets.
5. Deploy
security that covers other threat vectors.
As email is still the number one source for malware and infection, ensure
that a robust email security solution is deployed. The same is true for web
security tools, wired and wireless access controls, cloud-based security, and
network segmentation strategies that help detect, isolate, and respond to
threats found anywhere across a distributed environment.
Ross is known as the Pambansang Blogger ng Pilipinas - An Information and Communication Technology (ICT) Professional by profession and a Social Media Evangelist by heart.
