Experts claim Mac users are targeted by malicious ‘ransomware’ for the first time in history.
The software, called KeRanger, encrypts data on infected machines before forcing owners to pay to have their files unlocked. Ransomware, one of the fastest-growing types of cyber threats, reportedly makes hundreds of millions of dollars each year for criminals.
Cassie Slane, a tech consumer product expert and Rob Pritchard, cyber security specialist and founder of website The Cyber Security Expert, gave Metro her insight on the cyber attacks.
For a long time, many people were under the impression that Macs couldn't get viruses. Is this true?
That notion is untrue. While the majority of viruses have been aimed at Microsoft, Mac users have experienced an increasing number of attacks, starting with Java a few years ago. Hackers are finding new ways to target Mac users through open-source software, Trojan Horses and other viruses. Mac users are arguably more vulnerable because many users don't have anti-virus software installed on Macs because they've always been told that they are safe.
Is there a way to protect Mac users?
First, Mac users should protect themselves by installing anti-virus software on their computers and always install Mac security updates. Also, you should only open files from people that you know. If you are unsure if a file is safe, ask the sender if the file is legit before you download it. Plus, users should always have strong passwords, lock their screens when they step away from their computer and encrypt important files. An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. It's likely that Apple will take a look at other approved developers to make sure they aren't unsuspectingly infecting Macs.
How does the situation affect Apple?
Apple is an extremely strong company that has had very few problems with viruses and malware. This is a small setback that will hopefully teach users that not all operating systems are secure. Apple will hopefully use this attack to show users ways to protect themselves against any future attacks.
Apple will likely address the vulnerability by updating its security features and warning users to make sure they only download software that has a valid Mac app development certificate. It will probably also help users take steps to remove the malware from their computers. But as long as hackers continue to successfully install ransomware and get paid, all computer users are vulnerable, regardless if it's a PC or Mac.
How vulnerable are Mac systems?
There is nothing inherently secure about Mac OS X. Indeed, Microsoft have done far more technically with the various iterations of Windows to improve security. Macs have a very much smaller user base; hence, they are not targeted as frequently. However, there are plenty of viruses and other bits of malicious software out there that do infect Macs.
How do hackers usually operate via KeRanger ransomware?
KeRanger works like lots of other ransomware we have seen over the last few years. It encrypts all of your files and demands payment to provide the user with the key to decrypt the files again. This has been a hugely successful revenue stream for some cyber criminals.
Could Mac users protect themselves?
This particular ransomware came bundled with a piece of open source file sharing software. It is difficult to defend yourself from threats delivered like that because the average user has no easy way of telling the malicious from the legitimate. Antivirus for Mac is a good idea and anything that is delivered through the Apple store should be more trustworthy. Also be very suspicious of attachments to emails which claim to be invoices or similar. It is a common way to trick people into opening something that is actually malicious.
What will Apple do next?
Apple has already revoked the developer key that was used to sign this piece of ransomware. Cryptography is used by Mac OS X to verify the source of a piece of software. However, the cryptographic keys used by developers can be stolen. That means no one else can be infected by it right now. Otherwise, Apple is just stepping into the same arena Microsoft has been in for a long time, the constant evolution of malicious software and the need for new defenses.
Is there a chance new viruses that are able to attack Mac systems will appear?
100 percent, yes. This is already happening.
There seems to be a new chapter of controversies surrounding the company…
Well, this isn't actually anything all that new. All operating systems have vulnerabilities and can be exploited. Macs are no different and Apple has never really claimed they are. I don't think this will impact Apple. It might make users realize that they need to be security aware on Macs too.
How will the situation develop?
There will be more of this kind of thing targeting Macs. The user base is growing; hence, it is worth cyber criminals putting some more effort into writing malicious software that works on Macs. Users need to be more security aware and I expect anti virus for Macs to become more popular.
- By Dmitry Belyaev