The Truth Behind the Myths with Security and Apple Macs
By Malwarebytes Labs.
Because of the way Apple developed the Mac, it has always been harder to infect with viruses; harder but not impossible. However, many people still labour under the misconception that Macs are impenetrable when it comes to cyber-attack. We wanted to address some of the facts and fallacies behind Mac security and give you a definitive guide to what is true and what isn’t when it comes to some popular myths.
True or False? Macs don’t get viruses.
False…with an element of truth.
The definition of a virus is a self-replicating piece of malware that infects computers by attaching itself to other files. By this definition, Macs do not get viruses but neither then do a lot of Windows computers. Viruses, defined as malicious software (or malware) are abundant in the wild and can lay claim to many infections on Macs as well as other operating systems.
Macs can and do get viruses.
True or False? Mac malware is rare
Whether it is simply a case of economics and that Windows users represent 90% of the market, the fact is that true malware designed for the Mac is quite rare. To give you some idea, 2012 was a big year for malware on the Mac when just 11 new pieces emerged. However, the reported number of cases of Macs being infected by malware has continued to rise with more attacks occurring in 2015 than the past five years combined.
Though rare, malware on the Mac still represents a risk in whatever form; spyware recording keystrokes or taking pictures using webcam, ransomware or adware.
And, if there is risk then there is a need for security particularly as Macs seem to be vulnerable to two forms of malware; PUPs (Potentially Unwanted Programs) and adware.
Don’t be fooled into thinking that adware is just a harmless way of getting pop-ups and banners onto your mac that can, at worst, annoy users forced to close endless windows. Adware can be a serious gateway infection that can allow cyber criminals to defraud unsuspecting users by siphoning their searches through affiliate referral sites.
On the other hand, PUPs are generally regarded as nuisance programs that purport to do one thing but actually do something else. You may have downloaded what you though was an anti-adware program or an app for cleaning your files but which is actually doing something else. Often not particularly malicious by design, PUPs usually redirect searches or offering adverts within your browser. Though they can simply be an annoyance, PUPs can affect other programs and cause ‘buggy’ software or result in unsecured web pages – both of which can have more damaging effects.
Adware and PUPs both create vulnerabilities in a Mac that can cause severe security problems and should be avoided at all costs.
True or False? Macs are more secure than Windows
True, statistically, but don’t be lulled into a false sense of security.
Compared to Windows, Macs do fall victim far less to security attacks and malware but, as we’ve already established, aren’t impenetrable. New variants of malware for Windows are found in their thousands each month whilst Macs are lucky (or unlucky) to find more than two new variants.
The classic Mac system (in use from 1984 to 2001) has slowly been replaced with a Unix based operating system called macOS (formerly Mac OS X and OS X). The development has been driven around security and macOS is certainly the most secure platform that Apple has ever produced. However, Microsoft has also been improving the Windows system and there is little to split the two in terms of security.
What is true is that there are more threats posed to Windows users than Mac users and, again, this is most likely due to the fact that cyber criminals recognise the advantages of developing malware for a system that represents nine out of ten users.
True or False? Macs have built in security software
True…. if you are running macOS.
An inherent attribute of the macOS system, Apple has incorporated an anti-malware software known as XProtect. It cannot be turned off and is a well-hidden feature of the macOS system that runs a series of checks when you try to open an app. If XProtect recognises a signature within its database as representing a threat then it will not allow the app to run.
It sounds like a fool proof failsafe.
However, as we’ve already established, the biggest threats for a Mac are PUPs and adware, neither of which are protected by this software. Secondly, XProtect can only help guard against attacks which it recognises; not much good when presented with a new piece of malware.
So, yes, Macs running macOS have inbuilt protection but is not a comprehensive solution to guard against all forms of cyber threat.
True or False? You don’t need security software if you have a Mac
False. Categorically false.
Let’s summarise what we’ve learnt so far and, hopefully, you can see why this is a fallacy.
- Macs suffer far less from viruses than Windows but can still ‘catch’ a virus;
- Whilst rare, Macs still fall victim to malware; specifically, PUPs and adware;
- Though relatively secure, Macs aren’t infallible when it comes to security;
- Though Macs running macOS have inbuilt security, this doesn’t protect against all forms of cyber-attack.
So, whilst Macs are statistically far less likely to be infected by malware than windows the risk is still there. And, if there is a risk…any risk…then you need to ensure that you are protected. It’s a little like saying that the risk of catching malaria in parts of Kenya is low so you don’t need to take anti-malarial treatments. The risk might be low but the threat is real and potentially very damaging.
The threats posed to Macs is increasing and remains a real and present danger so installing security software is just common-sense. Software like Malwarebytes Anti-Malware for Mac is a good and safe option which can protect against adware and PUPs.