The discovery last month that some 600,000 Mac computers worldwide were infected with the Flashback malware must have come as a big embarrassment for Apple.
The company’s Mac OS operating system has for the most part managed to escape the attentions of malicious programmers over the years, though in recent times – due partly to its growing user base – it has become of increasing interest to such programmers.
With a report on Monday that Apple is now seeking the help of computer security firm Kaspersky to strengthen Mac OS security, it appears the Cupertino company is finally waking up to the reality that its operating system could be far more vulnerable to attacks than first thought.
In the Computing report, Kaspersky’s chief technology officer Nikolai Grebennikov went so far as to describe the Mac OS platform as “really vulnerable.”
Confirming that Apple had recently invited Kaspersky to help improve the security of Mac OS, Grebennikov said, “We’ve begun an analysis of its vulnerabilities, and the malware targeting it.”
He went on to express the view that up to now the company had failed to take the issue of security seriously. “Our first investigations show Apple doesn’t pay enough attention to security,” he said.
Grebennikov highlighted his point by explaining how slow Apple were in responding to a known security issue with Java, which Flashback exploited.
“Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago,” he said.
“Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That’s far too long.”
Grebennikov said that the discovery of the malware by the security community was a “huge sign” that Apple’s security model is flawed.
He went on to tell Computing that while up to now no iOS-specific malware has been spotted, he believes that over the next 12 months he wouldn’t be surprised to see Apple’s mobile devices, such as the iPhone and iPad, also becoming infected by malware.
“Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS,” Grebennikov said.
With millions of iPhones and iPads already in the hands of consumers, you’d like to think that Apple is working flat out to bolster the security of not only its Mac OS platform, but also its mobile operating system. Let’s wait and see if Grebennikov is proved right on this one.
mac is crap,Linux rules…
This is kind of a “duh” for anyone who knows absolutely anything about technology.
But wait, I thought one of selling points for Apple/Mac was the fact that they don’t have, and can’t get viruses!? lol They’ve always been vulnerable, people just didn’t care about them.
Apple only claimed that the Mac couldn’t be infected by “PC Viruses”, which at the time was virtually all there was. Even with the newly discovered Java-based exploits now targeting the Mac, I still wouldn’t trade my Mac for a PC. I suspect others feel the same.
Only now after over a decade of OS X’s existence, is the need for third party Mac security software an issue.
So you think. I never remember reading Apple claiming “Mac couldn’t be infected with a PC virus”. It was always said to be “virus free”, regardless of the platform. There have been worms and viruses for Mac/Apple for the better part of a decade. Apple just does a great job of keeping up with it and keeping it under wraps. Ever wonder why you get so many updates? The Renepo worm, Leap-A, Inqtana worm, and BadBunny worm are a few that come to mind.
To say this is the first ever existence of Mac Malware is just not true.
I looked up those worms you cited on Symantec’s website. They are all listed as having low distribution and easy removal. And a worm is technically not a virus. Perhaps Apple didn’t tell the whole story, but it got the gist of it right.
The incidence of Mac malware in the wild was vanishingly low in comparison to that of Windows PCs. Apple’s critics typically attribute that to the Mac’s low market share. While that may indeed have been a contributing factor, it didn’t change that fact that millions of Mac users got along just fine without having to install additional security software. This was a practical Mac advantage that Apple rightfully suggested in its advertisements.
Apple’s security updates are a good thing and not anything to be ashamed of.