Post Fri Aug 04, 2006 9:26 am

Security Woes in Mac's Future?

Since most malware authors look to get the biggest bang for the buck, most of the code they write attacks Windows machines. But as patching becomes more automated and the general public slowly becomes more aware of these problems by installing AV, firewalls, AntiSpyware, etc., their efforts become less effective. So where do they go next? Their second target will remain the low hanging fruit.

How about this thought? Apple was the target of the first known virus back when they dominated the computer market a long time ago in a galaxy far, far away. This is not the case any more. Since MacOS is now the third OS behind Windows then Linux, not many malware writers focus on it. For this reason, MacHeads have had it pretty lucky in recent years. Contrary to popular belief, their systems are not immune to attack. They just haven't been the focus of attackers. But most MacHead end users think they are immune. With this 'ignorance is bliss' attitude, wouldn't they be a logical next target? Wouldn't they be the low haging fruit?

As reported by PC Magazine, Symantec is warning of future security issues for the MacOS.

Symantec's DeepSight Threat Analyst Team has released a report to subscribers analyzing the threat landscape for Apple's Mac OS X operating system.

Mac users have lived a charmed life in terms of attacks. While there has not been widespread exploitation of Mac users in the wild, all the ingredients are there to make it possible:

  • Critical vulnerabilities are being discovered on a regular basis.
  • Exploits for these flaws are being actively developed and released to the public.
  • Post-compromise tools are being researched and released.
  • Self-propagating malicious code is being created for the platform.

Symantec argues that OS X users, especially business users, should be "taking the same security precautions as with other platforms and should carry out secure computing practices to avoid exploitation or infection."


So I pose this question to the community:

Are Mac users the next big target?

Don
CISSP, MCSE, CSTA, Security+ SME