Apple vs. Cyber Criminals, Apple’s Still Winning
Apple takes swift taken corrective actions, to keep you safe.
Apple is an obvious target for cybercriminals since its products are so popular, said Dick O’Brien, a researcher at Symantec.
This statement could and should scare the iOS and Mac users.
Looking at some figures like “there is a 7 fold increase in the Mac devices being infected with Malware in 2015 versus 2014”, can scare you, however the actual numbers of around 70,000 is just a drop in the ocean when compared to Windows PCs.
A lot of malware is also centered around tracking web-browsing habits and annoying ads (these are more commonly known as “Greyware”).
With the Apple OS now extending to Apple Pay, Apple Wearables, Apple TV, Apple Smartphones, Apple Desktops and Apple mobile devices (iPhones, iPads, iPods) — the OS is integrating cohesively into our lives.
This is also setting us up for being easy targets if someone is able to breach the Apple ecosystem, cause they will have a limitless insight into a user’s data. Small hiccups have known to happen, however Apple has swiftly taken corrective actions.
Two incidents come to mind.
The prominent one is against an organisation called the FireEye. They had a malware, the “XcodeGhost”, which was available in the App Store and was found to have infected the networks of more than 200 US companies.
The malware came from a malicious version of Xcode, Apple’s official tool for developing iOS and OS X apps. The malicious version of Xcode was uploaded on a Chinese file sharing site, where the budding developers inadvertently downloaded them and were unaware that the malicious code was embedded into their apps which they distributed worldwide on the App Store.
This led around 50 million users being affected across multiple apps like WinZip, WeChat and other Apps from Chinese app developers.
Apple responded swiftly and took the infected apps off their App store, and only restored updated versions after stringent scrutinisation.
The other documented cyber-espionage attacks were against politically sensitive entities such as embassies, government ministries, banks, militaries, and associated defence contractors.
According to Apple, attackers used a Java zero-day exploit to compromise a number of Apple employees’ Mac OS X computers.
Apple said that the exploit was delivered through a “site aimed at iPhone developers”. This was actually not targeted at Apple OS’, but worldwide on Windows and Macs alike.
Apple has deterred criminals from trolling their devices with stringently enforced scrutinies of their third party apps, with only a few having slipped between their ever vigilant fingers.
With the financial data — Apple Pay, Apple Radio (credit card data) and iTunes may invite more attacks. With their ever evolving product lines to include wearables and “Internet of Things”, cyber criminals may find it easier to gain access into the Apple ecosystem in the future.
But Apple, being the user-centric organisation it is, will continue to invest and investigate it’s own kingdom to stay a few steps ahead of the mischief mongers. So stay brave!
Originally published at Chip-Monks.
