14 DAY TRIAL // Unlike Windows, Mac OS X and Linux are two platforms traditionally associated with a high level of security. This veritable status quo has been maintained by the low footprints both Mac OS X and Linux had on the operating system market, in contrast to Windows. It is in fact the ubiquity of Windows that makes the Microsoft operating system an excellent target of attacks. However, this trend is evolving as the threat environment begins to focus on alternative platforms. In this context, the fast growing audience of Apple's Mac OS X has come into the focus of attackers, with the cats being increasingly targeted.
Wendi Whitmore, principal security consultant with Mandiant, revealed that Mac attacks are on the rise, and that at the source of this new tendency are cross-platform applications, such as QuickTime, Safari and iTunes. Moreover, Whitmore also forecasted that the current situation will only accentuate in the future, and criticized Apple for marketing a high level of security for Mac OS X while letting them essentially be sitting ducks.
"We're going to start seeing a lot more Mac incidents. There's this kind of false sense of security that Macs don't get attacked," Whitmore revealed as cited by DarkReading, adding that the increase in market share of Mac OS X, driven by the success of Mac machines, is at fault for bringing the operating system under fire. "The more of them that are out there, the more the opportunity for attack."
Following the advent of Mac OS X 10.5 Leopard, Apple's latest iteration of the Mac OS X operating system, at the end of 2007, the DNSChanger Trojan horse offered an excellent example of malicious code targeting the Mac platform. One aspect that contributes decisively to the "secure by default" false label of Mac OS X is the fact that there is virtually no malware impacting the operating system, with Windows attracting all the major threats. Now, at over 7% of the operating system market, and shipping in excess of 2 million copies of Mac OS X each month, Apple is offering the target malware authors are bound to respondto, and attacks will follow without a doubt.