Apple: not so obscure any more
It’s long been claimed that Apple platforms have been free of malware mainly because they represent such a small niche of the market that it wasn’t worth the effort creating viruses and trojans for them.
Not any more.
In fact, Apple has had such a significant share of the market for so long that it’s a wonder we haven’t seen more malware. What’s more, given the high price of Apple kit, and therefore the high income levels of Mac owners, there’s a case for arguing that they represent a strong target for ID thieves and banking trojans. ;)
Now that Apple has surpassed Microsoft in market cap, revenue and earnings, that ‘not worth bothering’ argument is looking weaker by the second. What’s more, Apple platforms tend to be somewhat more homogenised than Windows (or even Android) ones, as Apple sells both the hardware and software and systems have a greater tendency to be updated to recent versions.
And there’s another stat, rather less well known, that makes me think that Apple has now come out of obscurity and should be in the crosshairs of malware writers.
I was talking recently to Bradford Networks, a vendor of networking software that provides auto-discovery of attached devices. The firm is especially strong in the education market - mainly universities. And I was told that, particularly in the US, up to 95% of the devices being attached are Apple kit.
That’s not a misprint. And remember that the remaining 5% isn’t just Windows laptops - it’s Wiis, Playstations and Android devices.
I expect that proportion to change, with Android taking a rapidly larger share (which it probably has already - remember, the figure was up to 95%). Nonetheless, it means that the next generation of business people is one habituated to Apple.
Now, Apple fans will claim that the lack of malware on their platform of choice is down to greater inherent security, with none of that nonsense with autorun, ActiveX or {insert the 10 top malware-friendly Microsoft technologies of your choice}. *nix fans will say that Apple’s decision to base OS X on BSD is the reason it’s so sound.
Hmmm.
The fact is, OS X has its vulnerabilities. Apple keeps patching them, although rather slowly at times.
All the malware tools, from Sub7 and Zeus/SpyEye through cryptors to delivery mechanisms, are Windows-based and Windows-oriented, so one possible reason for Apple’s relative immunity is the effort needed for the bad guys to re-tool. And why would they when they can still make millions from Windows users?
And there’s another reason for Apple users to feel less smug. Exploits have wound their way up through the stack, less frequently targeting the OS and working increasingly at the application layer. Many attacks are browser-based or are mounted through services like Facebook. Add to that the prevalence of social engineering-based tactics - many of which are effectively platform independent - and you have a computing landscape rich in threats for Apple users.
This really is the time for Mac and iPhone users to wake up. Me? I’m heading over to Sophos to download its free AV package for Macs. It won’t make any difference but I’ll feel better.
