Given the recent discovery of an Apple malware toolkit, and the fact we have a number of Mac OS X endpoints in...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
our shop, are special precautions necessary to defend these machines from malware and prevent them from becoming zombie machines in a botnet?
Any computer connected to a network, and particularly the Internet, must be protected against unauthorized access, infection and attack. In the past, many Apple users felt they were immune to the types of viruses and malware that plague Microsoft Windows users. They were certainly less likely to be attacked; the Windows user base is much larger and offers better returns for hackers. However, this sense of safety is misplaced. Any software as complex as an operating system contains flaws that an attacker can potentially take advantage of.
The recent discovery of an Apple malware toolkit shows there has been a shift in the focus of attacks in the last few years. Since Microsoft greatly improved the security of its products and network perimeter defenses became more robust, hackers have had to look for easier ways to successfully take control of a computer or break into a network. This is why there have been so many vulnerabilities reported in Adobe software over the past few years. Their software hasn’t suddenly become flawed; it’s simply been subjected to a concentrated effort by hackers to find flaws they can exploit. With the success of the iPhone and iPad, and the growing number of Mac users, hackers have started earnestly looking for and exploring the vulnerabilities in Mac OS X software and applications.
You need OS X antivirus software or antimalware software installed, and the software should be kept up to date with the latest signatures. The major AV vendors such as Sophos, Symantec, McAfee and Kaspersky all offer AV programs that run on Mac OS X. A free AV solution is ClamXav, which uses the open source ClamAV antivirus engine. Once you have installed your choice of AV software, you need to scan all your machines to ensure they are not already infected.
Mac OS X includes an application firewall that allows you to control connections on a per-application basis. This can be used to prevent malicious applications from taking control of network ports that have been opened by legitimate applications. You should ensure this is enabled and configured on each machine, but your network still needs a firewall between it and the Internet. This may be a device you already have, but how up to date is it? It should be capable of blocking access to known malicious sites and preventing sensitive data from leaving your network.
Finally, to ensure users don’t unwittingly infect their Macs by clicking a link in an email from an unknown sender or visiting an malicious site, for example, you need to have an Internet acceptable usage policy that clearly states what users can and can’t do. Also, provide security awareness training so users are aware of the potential risks when using the Internet and Internet-based services such as email, Facebook and Twitter.
Dig Deeper on Alternative operating system security
Related Q&A from Michael Cobb
A flaw in the open source graphics library libpng enabling denial-of-service attacks was discovered. Expert Michael Cobb explains how the ...continue reading
Flaws in the Apple Notify function and iTunes can enable attackers to inject malicious script into the application side. Expert Michael Cobb explains...continue reading
Facebook's Delegated Recovery aims to replace knowledge-based authentication with third-party account verification. Expert Michael Cobb explains how ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.