Skip to content

Are you protecting your Macs? See how to avoid “Mac malice” and other IT sins

Deadly IT sin: Mac maliceMacs are gaining ground on PCs everywhere, including at the office. Companies are adopting programs that allow users to bring their own devices, or choose the corporate-owned devices they prefer.

When given the choice, many employees are going with what they have at home, and picking Macs over Windows computers. With more Macs, that means extra challenges for IT, from troubleshooting to security.

You’ve heard of the seven deadly sins. We think the 7 Deadly IT Sins are pretty bad too – and neglecting security on Macs is a sin we call “Mac malice.”

Don’t give Macs a pass on security

Macs have a reputation for security that probably has more to do with Apple’s clever marketing than reality – Macs can get malware too.

Even if Macs are less-frequently targeted by malware than PCs, Mac users still use bad passwords, fall victim to phishing or other social engineering, and lose their laptops (and the valuable data on them).

And a false sense of security could make Mac users more careless about security than PC users.

“An astounding number of Mac users still believe that they are immune to malicious code,” says James Lyne, Sophos global head of security research. “It’s actually astonishingly easy to create malicious code for the Mac. And as most Mac users don’t use antivirus, it often goes undetected.”

There have been some big security failures that prove just how vulnerable Macs are.

Apple’s own employees had their Macs compromised by malware in February 2013 via a vulnerability in Java. In 2012, an attack on another vulnerability in Java infected 600,000 Macs with the Flashback malware.

Just like any other software, Mac OS X needs to be patched against vulnerabilities that attackers can exploit to compromise users and steal data. You may have heard of Shellshock, FREAK, or Goto Fail – all of those security bugs affected Macs.

If Macs aren’t protected, they can also spread Windows malware across your network, putting your Windows users at risk even if Mac users aren’t affected.

How to protect your Macs

In the video below, you can watch James use a simple tool to launch an attack that allows him to take over a Mac to do anything a user could do, like turn on the web camera, search files – and possibly gain access to other parts of your corporate network.

It’s fascinating and scary, but James offers some security advice too. Fortunately, it’s easy to protect Macs with the right security solution.

The 7 Deadly IT Sins

Learn more about Mac malice, find out how to keep all your Macs secure, and see if you’re guilty of other security sins on our 7 Deadly IT Sins website.



Leave a Reply to Don’t believe these four myths about Linux security | Sophos Blog Cancel reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!