Macs suffer from more malware attacks as their enterprise use increases

A full 4,900 pieces of malware are found on Macs every week, says Sophos

With the increasing use of Apple's (Nasdaq: AAPL) Macs in the enterprise, attackers are focusing more of their effort on exploiting OS X operating system vulnerabilities, warned security firm Sophos in its Security Threat Report 2013.

Almost half of enterprises with 1,000 or more employees are issuing Macs to at least some of their employees, and they expect a 52 percent increase in the number of Macs they issue this year, according to an estimate by Forrester Research.

That popularity has led to increased malware attacks. Sophos said in a typical week its SophosLabs detects 4,900 pieces of OS X malware on Macs, malware that can result in compromised machines, infections of corporate networks and data loss.

Apple has long maintained that its operating systems and devices are the most secure in the business, even dismissing the idea that they need anti-virus software. But Apple's claim to superior security has come into question recently as more and more malware has succeeded in infiltrating Macs.

Two examples of the increasing exploitation of Macs are the Mac Defender and Flashback malware. Mac Defender was fake antivirus software that first began infecting Macs in 2011. It used search results pages to attract users to legitimate sites that had been infected by the malware, which then infected the users' computers, Sophos explained.

The Flashback malware exploited an unpatched Java vulnerability to infect 600,000 Macs early this year. Once infected, the Macs were linked to a huge botnet controlled by a Russian-based hacker gang. It was the largest malware infection of Macs ever recorded.

To counter the growing malware threats to Macs, Sophos recommends enterprises adopt a comprehensive security approach that includes user education, layered protection, Mac-specific expertise on the part of IT staff and strong IT processes and policies.

In addition, for enterprises dealing with BYOD, Sophos is warning that Google's (Nasdaq: GOOG) Android devices are coming under increasing malware attack.

"In the mobile space, the big security story of the year is Android and the huge increase in malware we have seen attacking Android platforms," said SophosLabs Manager Richard Wang.

This poses increased risks for IT managers as more and more Android devices are being brought into the enterprise environment.

Malware developers are using a software technique known as the "GingerBreak exploit" to gain root access, install malicious code and communicate with a remote website to download and install additional malware on breached Android devices, explained the report. This enables the malware to avoid detection and removal, while recruiting the device into a global botnet.

The report warned that the enterprise security risks posed by Android are growing. "Android malware can place a company's future at risk by exposing strategic information or stealing passwords," the report cautioned.

For more:
- see the Sophos Security Threat Report 2013
- check out Forrester's Mac enterprise stats
