TMO Reports - Symantec: Mac Virus, Hacker Attacks on the Rise
by , 10:45 AM EST, March 23rd, 2005
With the introduction and popularity of Mac OS X, Apple Computer has become an increasingly bigger target for viruses and hacker attacks, according to a report from anti-virus software vendor Symantec Corp.
"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," said the 96-page report, entitled the Symantec Internet Security Threat Report, obtained by The Mac Observer. "It is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems. Symantec believes that as the popularity of Apple's new platform continues to grow, so too will the number of attacks directed at it."
"I think it's fair to say that Mac users today shouldn't believe they're impervious to attacks," David Cole, Symantec product management security response director, told TMO.
More Macs sold = more security concerns
While Mr. Cole admitted there is no actual data to prove a connection, he said say "it's reasonable to assume that with in increase in market share and popularity comes an increased interest by the hacker attacker community to go after the Mac. No platform is absolutely free of vulnerabilities and no users at the end of the day are impervious because they use a particular product."
The report said an increase in market share for the Mac will be impacted by sales of the much lower priced Mac mini -- a US$500 computer sold without a display, keyboard or mouse -- which may be purchased by less "security-savvy" users. "As a result, the number of vulnerabilities can be expected to increase, as will malicious activity that targets them," the report stated.
The report was clear to say that while the number of vulnerabilities in Mac OS X is expected to increase, they will likely be outnumbered by vulnerabilities in other operating systems, such as Microsoft Windows, for some time to come.
Symantec said it had documented and Apple had confirmed 37 "high-severity vulnerabilities" in Mac OS X since July of last year.
"The appearance of a rootkit called Opener in October 2004, serves to illustrate the growth in vulnerability research on the OS X platform," the report stated. "Additionally, multiple remote and local vulnerabilities have been disclosed that affect both the server and desktop versions of OS X. Vulnerabilities in the Apple windowing system and development kit and in the Apple default Apache configurations are two of the nine vulnerabilities (not all of which were high severity) for which Apple released patches."
A rootkit is a hacker security tool that captures passwords and message traffic to and from a computer. The kit is a collection of tools that allows a hacker to create a backdoor into a system, collect information on other systems on the network and mask the fact that the system is compromised.
Browser attacks very high
Mr. Cole said the biggest "holes" for hackers to attack are vulnerabilities in browsers, where 70% of reported vulnerabilities were considered easy to exploit.
"We saw a large increase over the past six months in security attacks as the market share for Mozilla-based browser climbed," he said. "Their have been 21 documented security concerns with Mozilla in the past six months, which is more than (Microsoft) Internet Explorer."
"This is a massive increase over the single Mozilla vulnerability documented in the previous period and the seven noted in the same reporting period one year ago," the report said.
Between July 1 and December 31, 2004, Symantec documented 13 vulnerabilities affecting Microsoft IE, nine considered high severity. Six vulnerabilities were reported in Opera and none in Apple's Safari browser.
The report called the zero number of confirmed Safari vulnerabilities "somewhat surprising given the increasing popularity of Mac OS X," but suggested that as the browser grows in usage, so will the attacks.
Mr. Cole: Common sense fends off attacks
Mr. Cole said the classic and basic rules still apply to fend off virus and hacker attacks.
"Keep your operating system up to date, your browser to date and your virus definitions up to date," he said. "If you do that, your chances of having problems are minimal."