Wednesday, October 21, 2015

Apple's OS X Security Honeymoon Is Over by Stu Sjourman (KnowBe4 CEO)

Stu Sjouwerman
Unfortunately, bad guys are business people too. Their time is money, and they follow market leaders. By now, Apple's market share of desktop computers is close to 17 percent. OS X, Apple's operating system, is popular with consumers and enterprises, making it a more interesting target for hackers since it has not been "mined" a lot, and Apple users are under the false impression that their platform is "safe and does not even need antivirus".

Well, a report that was released by security company Bit9 shows that more malware has been found this year for OS X than in the last five years combined. The company found 948 unique samples of malware this year compared to 180 between 2010 and last year. The malware is not yet super sophisticated, and is not hard to remove, but the increase is massive and much more than the increase in Windows Malware.

Still, it's early days yet compared with the fire-hose of Windows based malware which is around 400,000 new strains per day at the moment. However, an interesting fact about OS X this year is that many more software vulnerabilities have been disclosed than in past years. A list shows 276 flaws have been found in the last 12 months, which is about four times higher than the average number found annually over the last 15 years.

It looks like more and more researchers are focused on how to bypass OS X security mechanisms or how to get code to execute remotely.

And looking at the mobile side of the house, according to Net Market Share's September figures, iOS claimed 38.6 percent of the global mobile OS market share. The number of iOS devices in the enterprise might actually be higher. According to Good Technology's Q2 Mobility Index Report iOS had 64 percent of worldwide enterprise market share, although this had dropped from 70 percent the previous quarter.

From the perspective of security awareness training, Apple users need to be trained just as much as Windows users. More than half of the Apple malware found this year was aimed at forcing people to view ads, a malware class called adware. And infections were mostly dependent on social engineering end-users, like downloading what employees should "red flag" as dodgy software.

It is loud and clear that effective security awareness training is a must for all employees, regardless their computer, Windows or Apple OS X. Find out how affordable that is for your organization and be pleasantly surprised.  Get a quote now:

No comments: