5 Mac Security Holes and How to Manage Them



Apple is famous for the security of its Unix operating system. It’s a selling point which has encouraged businesses to move away from the fraught Windows operating system in a bid to minimise security threats. In 2015, Apple had the 5th largest global PC market share for the first time in nearly 20 years, and this jump in popularity has made Apple’s operating system a financially viable target for hackers, who previously ignored it in favour of the much larger Windows payload. As a result, more and more holes in the Mac operating system are being identified and exploited with every kind of hacking program you can imagine.

Although the number of vulnerabilities and Apple malware strains is still just a fraction of the numbers affecting Windows, many Apple users and even IT administrators incorrectly assume that they are immune to these types of security threats, and are therefore generally not proactive when it comes to security. In this blog, we examine five Mac security holes and how they can be effectively managed.

 

Router exploits

Although Apple OS X endpoint users are relatively secure, the hardware that a business network is based on can often be a vulnerable target. Instead of infecting endpoint browsers, there have been several malware strains that have targeted poorly secured routers and used this access point to control the entire network.

How to manage it:

A robust router protection policy needs to be multilayered with firewall, antispam, and antivirus.

 

Gatekeeper

In 2016, all of the strains of Apple malware were designed with a valid Developer ID which allowed them to bypass Gatekeeper, one of the inbuilt defences designed to protect Apple products from apps which could adversely affect them. Malware which is signed by a Developer ID will not be blocked by Gatekeeper unless it has been identified as malware, reported, and the Developer ID blocked. Once this happens, the application will be blocked and cannot be installed, but this is only effective for new installations, those who have already installed the malware will not be protected retrospectively and the application will continue to run in the background.

How to manage it:

Apple’s XProtect updated several times in 2016 to block 13 pieces of malware, 11 Safari extensions, and 7 older versions of Adobe Flash. However, security experts were quickly able to bypass the updated Gatekeeper. The best way for administrators to mitigate this type of malware is by creating strong web filtering policies that minimise the likelihood of exposure, and only installing updates from the publishing vendor.

 

Passwords

Because downloading or running any program on Apple OS X requires an administrator password, weak passwords are a major liability.

How to manage it:

Administrators need to start enforcing stronger password policies and consider incorporating two-factor authentication to add another layer of protection against theft.

 

Plug-ins

The vulnerability of plug-ins like Adobe Flash Player, Java, Acrobat Reader and Silverlight is hardly news, but despite frequent updates, these plug-ins remain a favourite medium for exploit kits.

How to manage it:

Given that Flash Player had six 0 day vulnerabilities (an actively exploited vulnerability with no fix available) in 2016 alone and remains an extremely attractive target for exploit kits, administrators are better off uninstalling these extremely vulnerable plug-ins and looking for more secure alternatives.

 

Third party software

In 2016, several extremely popular third party software providers were found to have major vulnerabilities including Skype for Mac as well as Office 2011 and 2016.

How to manage it:

For most businesses, third party software like Office and Skype are essential tools so unlike plug-ins, uninstalling is not an option. Staying up to date with the latest software updates is the best thing administrators can do to protect against security bugs and vulnerabilities being exploited.

At the end of the day, Apple’s operating system, just like every other operating system in existence, is coded by humans and thus prone to human error. The best way for businesses to protect against security flaws in any operating system is to deploy a multilayered network security strategy that minimises the likelihood of vulnerability exploitation at the OS level and limits the amount of damage malware can do if it does infiltrate the network. AWD can help businesses identify key network vulnerabilities and develop strong IT security strategies. To learn more about our IT security audit services, please don’t hesitate to get in touch with us by calling 1300 855 651.

Enquire about our IT services today.