If you’ve purchased a Mac expecting to never have to be concerned with malware or hacking, think again! A recent exploit is targeting Mac users. The good news? It’s preventable.
Mac users have long touted the fact that Apple computers are much less likely than computers running Microsoft Windows to be hacked, but that era may be coming to an end. With four times as many Windows 10 computers currently in the marketplace than Macs, it’s not surprising that hackers choose to attack the system that is much more prevalent in the marketplace overall. A recent ransomware attack may be cause for Mac users to stop their taunts of the platform being hacker-proof, however. The good news is that by taking a few simple precautionary steps, you may be able to stop cybercriminals from locking you out of your expensive Mac.
Are Apple Products ‘Hacker Proof’?
For more than a decade, there’s been a rumor that Apple products are hacker proof, but the reality is that no operating system or data structure is completely airtight. Historically speaking, there are fewer viruses and malware that are targeted to Macs than to PCs, but that doesn’t mean that any Apple OS is immune from threats. There have been more attacks in recent years as ransomware has leaked to the dark web. While Android and Windows will likely always receive a higher percentage of malware than Apple devices, the threats continue to multiply as Apple becomes ever more popular in the marketplace. It’s only a matter of time until specific devices are targeted with browser-specific hacks that bypass some of the security that is baked into OS X.
Phishing emails and third-party exploits of software such as Java or Adobe are also some of the current crops of attacks against Macs, but they’re not the only ones. Macs have been plagued by adware and bloatware — whether malicious or just annoying — that can float pop-up ads on your system to tempt users to download non-essential software tools. These problem spots can slow down the system overall or spawn additional pop-ups, and generally aren’t dangerous. Malicious iOS apps are another form of malware that is likely to be found on a Mac. It’s important to stick with only downloading apps from the official App Store, as others could potentially include subsets of code that can steal user information or infect the device in a much more widespread fashion. While buying from within the App Store helps combat nearly all malicious software, the ever-diligent app reviewers don’t catch everything. In the last 24 months, XcodeGhost was able to introduce a framework into legitimate apps that hijacked back-end servers and ultimately infecting the third-party advertising network.
Rise of Ransomware
Hackers are always looking for new ways to hold your device hostage, essentially locking you out of your device until you pay a ransom which is generally requested in nearly-untraceable Bitcoin currency. With ransomware up nearly 250 percent in 2017, cybercriminals have discovered that there is significant money to be made in locking down computers both for individuals and for businesses. Ransomware has often targeted PCs in the past, but mobile devices and Macs are a growing part of the threat landscape. The U.S. has been hit particularly hard, most likely due to the high number of available computers and relatively high per capita income — which translates into funds available to pay for ransom demands. Ransomware often completely disables the boot-up process for your computer, a crippling effect on any system.
Find My Mac
This recent risk is related to the Find My Mac application, or FMM, which is being targeted by hackers who then request Bitcoin payments in order to provide renewed access to the system. This particular app makes it simple to pinpoint the current location of your device and is helpful in the case of a lost phone or stolen Mac computer. Apparently, hackers have illegally obtained a large quantity of iCloud passwords and usernames, and are leveraging these assets to lock people out of their Macs and mobile devices. The good news is that there’s a relatively easy fix that doesn’t involve paying the ransom, but only if you’re willing to lose all of the data on your device by doing a hard reset. This can also be accomplished by bringing your Mac to an Apple store and verifying your identity.
Reducing the Risk of Loss
Fortunately, there are a few ways that you can reduce the risk of being hit by these cyber criminals. Creating a password that is highly secure is the first step, as is turning off the Find My Mac or Find My iPhone in your device’s Settings. Turn on two-factor authentication on your Apple account to ensure your password cannot be reset without your knowledge, and consider utilizing a password vault app that provides additional levels of security. There’s a further step that you should take before selling or loaning your computer that may help keep your Apple ID information safe, as iCloud information is stored on the nvram of your computer. Disabling FMM at the command line can be accomplished by entering:
$ nvram -d fmm-computer-name
$ nvram -d fmm-mobileme-token-FMM
If your IT admins are struggling to keep security under control, let the professionals at CSP, Inc support your Raleigh organization. We work to ensure that all risks are addressed in a timely manner throughout your fleet of devices and computers.
Contact us today at (919) 424--2000 or via email to firstname.lastname@example.org for more information or to take advantage of your free initial consultation.
“My passion for quality IT service is at the forefront of my career.”
Lance Skipper Client Engineer
Always at your service to provide the highest level of quality support to our customers.
Anthony Firth Client Engineer
“I’m passionate about building and fostering relationships, and finding solutions for success.”
Michael Koenig Client Account Manager
“Enabling IT to become an effective and valuable partner by delivering premier customer service and quality IT solutions achieving business goals.”
Jake Parrott Business Development Manager
“Serving the client through IT solutions is my passion. A happy client is a happy me.”
Jason RichardsonClient Engineer
“Striving to provide friendly and quality service to our customers”
Ted Rorabaugh Client Engineer
“I help clients stabilize and grow their IT infrastructure so they can focus on growing their core business.”
Josh Wilshire Systems Engineer Team Lead
“Providing courteous, quality IT service for our customers.”
Rich Yoest Rapid Response Team Supervisor
“Striving to be your trusted adviser and IT teammate in accomplishing all your business goals”
Brandan Bishop Client Account Manager
“I strive to provide the highest level of quality service to our customers.”
Tommy Williams Sr. Hardware Engineer
“I’m driven by the steadfast belief that technology must serve as a business enabler. This mantra has driven 21
Years of successful partnerships.”
Stephen Riddick VP Sales & Marketing
“CSP doesn’t succeed unless your company succeeds.”
Stephen Allen Inventory Manager
“Through my intuition and genuine concern to help others I have built long-lasting relationships with our customers, co-workers and business partners.”
Scott Forbes VP Support Services
“Every day, I work with clients to help plan the future of their businesses.”
Michael Bowman vCIO
“Your IT problems become our IT solutions.”
Mark McLemore Project Engineer
“Managing internal and external operations to ensure that CSP provides quality and reliable customer service .”
Margie Figueroa Business Manager
“Helping customers get the most out of their IT Infrastructure.”
Marc Gillet Project Engineer
“Providing quality internal and externals financial support to our customers and accounting support to CSP.”
Katie Steiglitz Accounting Administrator
“Your satisfaction is our #1 priority.”
Heather Moore Project Manager
“Some call me the CEO. I call myself the Cheerleader for an awesome team!”
William B. Riddick Founder & CEO
“CSP is here to assist you with your IT needs.”
Beth Wylie Inside Sales Manager
Thinking ofHiring A New IT Company?
On What Questions You Need To Ask Before Signing Any Agreement.