14 DAY TRIAL // There’s an old saying claiming Macs never get infected because of Apple’s out-of-this-world closed ecosystem that makes it impossible for malware to reach the data.
Buuuuut despite so many people thinking this is indeed accurate, Apple’s walled garden is slowly evolving into the preferred target of cybercrminals, all because of vulnerabilities that are freakishly easy to exploit.
It happened several times on the iPhone when digital assistant Siri could be used to access the photo gallery, and now it turns out that it’s happening again on the Mac.
Not paranoid enough today? Read this. A security flaw in macOS allows pretty much anyone, even a five-year-old, to bypass the lock screen, get root access and then… do whatever a five-year-old would do on a hacked computer.
It all comes down to finding Macs with the Guest User account enabled and no root password. While it’s true that this hacking method involves having physical access to the device, it seems all the skilled (/s) hackers have to do is to replace the active username with root and then click the unlock button to get access to the desktop.
While the physical access bit could make some people feel safe (or safer), just imagine what this vulnerability allows you to do. You can finally break into your colleague’s computer, take a screenshot of his desktop and set it as background (this is without a doubt one of the best pranks ever!). You can also open a BSOD image and set it in full screen, or you can do more evil stuff like stealing his conversations.
Apple has already acknowledged the bug and said that a fix is on its way, though in typical Apple fashion, the company is unlikely to hurry up to ship it, even if it should.
Microsoft investing big in security
Ironically, all these news of Apple devices being so easy to hack come at a time when Microsoft is all-in on improving security of its products and at some level, the company really manages to do that.
Windows 10, for example, has a complete new arsenal of security features that can protect users, especially those in the enterprise. Windows Defender Application Control, Windows Defender Antivirus, Windows Defender Exploit Guard, Windows Defender Application Guard, Windows Defender System Guard, Windows Defender Advanced Threat Protection, Windows Hello, and so many other mitigation systems are all there to protect users.
Does this mean that Windows is finally more secure than macOS? It does not, and just like with every platform out there, it all comes down to users themselves.
On Android, for instance, you can’t get hacked unless you visit shady websites and install suspicious software from third-party sources. And in the case of today’s Mac exploit, you’re not exposed if you have already disabled the Guest account and set a root password.
But it’s no secret that Macs are more often targeted by cybercriminals than they were a decade ago. Statistics offered by security vendor McAfee earlier this year revealed that malware attacks on Macs increased by 744 percent in 2016, with adware accounting for an important share.
In the end, there’s just one conclusion: the security of a platform comes down to a lot of factors, including how much attention users themselves pay to not getting hacked. Obviously, parent companies also play a critical role here, as they need to ship patches as fast as possible, but in many cases, there are workarounds that users could turn to and avoid getting in the position of being hacked.