{"id":15332,"date":"2019-05-16T06:30:02","date_gmt":"2019-05-16T14:30:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/05\/16\/news-9081\/"},"modified":"2019-05-16T06:30:02","modified_gmt":"2019-05-16T14:30:02","slug":"news-9081","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/05\/16\/news-9081\/","title":{"rendered":"Do Apple devices need anti-virus software?"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2019\/05\/cso_phishing_social_engineering_security_threat_by_weerapatkiatdumrong_gettyimages-489433130_3x2_2400x1600-100796450-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Thu, 16 May 2019 06:03:00 -0700<\/strong><\/p>\n<p>Apple\u2019s devices are far better defended against malware and viruses than other platforms, but does this mean they don\u2019t need anti-virus software?<\/p>\n<p>I\u2019ve lost track of the number of times Mac users have told me Macs don\u2019t need virus protection because they are inherently more robust against such attacks.<\/p>\n<p>I\u2019ve also lost count of how many security researchers have said that Apple devices are becoming more liable to being attacked as their <a href=\"https:\/\/blogs.computerworld.com\/article\/3262225\/apple-mac\/warning-as-mac-malware-exploits-climb-270.html\" rel=\"nofollow\">market share grows<\/a>.<\/p>\n<p>Both are right. 
Both are wrong.<\/p>\n<p>The nature of cyberattacks is changing.<\/p>\n<p>One good illustration of how the nature of these threats is changing comes in the form of the recently-revealed Intel processor vulnerability, \u2018<a href=\"https:\/\/techcrunch.com\/2019\/05\/14\/zombieload-flaw-intel-processors\/\" rel=\"nofollow\">ZombieLoad<\/a>\u2019.<\/p>\n<p>This flaw lets hackers use design weaknesses in Intel chips (back to 2011) to steal data from machines, including Macs.<\/p>\n<p>Apple very quickly shipped security patches to protect against this vulnerability and published a <a href=\"https:\/\/support.apple.com\/en-us\/HT210107\" rel=\"noopener nofollow\" target=\"_blank\">detailed support document<\/a> that Mac users who handle particularly sensitive data should read.<\/p>\n<p>Traditional computer security models have relied on perimeter protection \u2013 that\u2019s things like firewalls, virus checkers and malware detection.<\/p>\n<p>But these defences simply aren\u2019t robust enough to tackle or spot a threat like ZombieLoad.<\/p>\n<p>The important thing about ZombieLoad is that it shows how, as platforms become more secure, attackers are exploring far more sophisticated ways to exploit devices.<\/p>\n<p>They seek out vulnerabilities on a component level, and also engage in highly sophisticated phishing attacks that encourage people to click links that download malware to their machines.<\/p>\n<p>These have interesting names \u2013 Roaming Mantis, for example, offered payloads that worked differently on different platforms \u2013 phishing for iOS and DNS-hijacking on Android. 
These attacks appear frequently, are fixed and then refined.<\/p>\n<p>There have even been attempts to <a href=\"https:\/\/www.wired.com\/story\/android-smartphones-vulnerable-out-of-the-box\/\" rel=\"noopener nofollow\" target=\"_blank\">subvert device security<\/a> before products leave the factory.<\/p>\n<p>A hacker may have designed a one-off piece of malware, most likely in a standard programming language, that has only one function \u2013 to subvert security in a computer and download a more malware-infested package in the background \u2013 or to gather user data for a couple of weeks before sending it back to its command and control server in the middle of the night when no one is watching.<\/p>\n<p>The complexity of such attacks makes it very difficult for existing anti-virus or anti-malware protections to detect them.<\/p>\n<p>They may not even be aware of the code used in an attack \u2013 which means they won\u2019t spot it.<\/p>\n<p>Attackers are also finding ways to subvert things like Wi-Fi routers and poorly-secured connected home\/office systems to penetrate networks.<\/p>\n<p>The best defences against such attacks consist of a combination of traditional perimeter defences and learning to use <a href=\"http:\/\/www.applemust.com\/how-to-use-apples-new-privacy-feature-for-ios-and-mac\/\" rel=\"noopener nofollow\" target=\"_blank\">Apple\u2019s built-in anti-phishing tools<\/a>.<\/p>\n<p>Existing security protections are being bypassed by highly sophisticated exploits, some of which may have been designed to be used once and never used again.<\/p>\n<p>What does this mean to an Apple user?<\/p>\n<p>It means complacency is no defence.<\/p>\n<p>Just because a virus check application doesn\u2019t spot anything on your device doesn\u2019t necessarily mean you\u2019re safe.<\/p>\n<p>There are Mac malware \u201ckits\u201d available for sale on the dark web for <a 
href=\"https:\/\/www.computerworld.com\/article\/3293922\/apple-users-most-appealing-to-cybercriminals-online-scams.html\">just a few dollars<\/a>.<\/p>\n<p>Many don\u2019t work well, some don\u2019t work at all, but a few work a little \u2013 though most of these rely on a user downloading and installing code (\u2018phishing\u2019), rather than traditional virus\/malware attack trajectories.<\/p>\n<p>These increasingly sophisticated attacks leave little trace and are very difficult to detect using traditional perimeter protections.<\/p>\n<p>We\u2019re also seeing a rapid increase in attacks against component elements of the system \u2013 Check Point claims 51 percent of enterprises have seen attacks launched against their cloud backup systems, proving that if an attacker can\u2019t hack your iPhone or Mac, they might try to subvert your cloud storage service instead.<\/p>\n<p>In this case, machine intelligence.<\/p>\n<p>Modern enterprises protect themselves using complex tools from the big security vendors.<\/p>\n<p>These security firms share attack data and develop monitoring systems that <a href=\"https:\/\/www.orange-business.com\/en\/magazine\/advanced-persistent-threats-who-are-they-what-do-they-want-and-how-can-you-hit-back\" rel=\"noopener nofollow\" target=\"_blank\">watch internal and externally-bound network traffic in order to spot anomalies<\/a>.<\/p>\n<p>Is that little-used computer in the accounts department sending a zip file in the middle of the night over the weekend? Who to? 
Why?<\/p>\n<p>AI is helping most platform, OS and security vendors develop monitoring systems to watch for such events.<\/p>\n<p>I imagine we\u2019ll see platform providers develop and augment existing platform-based protections with AI-driven protection in future.<\/p>\n<p>I hope I\u2019ve made an argument that speaks to the diverse and complex nature of the modern threat landscape, but what does this tell us about running anti-virus software on iOS or Mac?<\/p>\n<p>I think it\u2019s common sense to use malware and anti-virus protection as part of a package of security deterrents.<\/p>\n<p>I also think it\u2019s the digitally responsible thing to do. Checking your systems for viruses and malware isn\u2019t just about protecting yourself, it\u2019s also about protecting others (mostly on other platforms) you may inadvertently infect if your system carries a virus.<\/p>\n<p>I\u2019m not convinced such protections need to be \u2018always-on\u2019 when using Apple\u2019s systems, in part because the attacks most likely to subvert those systems tend to be undefined, but also because the checkers tend to slow our systems down.\u00a0<\/p>\n<p>However, as\u00a0the nature of cyber-attack continues to change, I think it\u2019s important that every user does what they can to protect themselves \u2013 and others.<\/p>\n<p><strong>Also read:\u00a0<\/strong>Apple\u2019s\u00a0<a href=\"http:\/\/aos.prf.hn\/click\/camref:1100laKZ\/pubref:US-011-3237768-000-000000-web\/destination:http:\/www.apple.com\/business\/docs\/iOS_Security_Guide.pdf\" rel=\"nofollow\">security white papers<\/a>,\u00a0<a href=\"https:\/\/www.computerworld.com\/article\/3237768\/apple-ios\/strong-and-stable-the-ios-security-guide.html\">this iOS security guide<\/a>, and this\u00a0<a href=\"https:\/\/www.computerworld.com\/article\/3237187\/apple-mac\/lock-it-down-the-macos-security-guide.html?nsdr=true\">macOS security guide<\/a>.<\/p>\n<p>Please follow me on<em>\u00a0<a 
href=\"https:\/\/twitter.com\/jonnyevans_cw\" rel=\"nofollow\">Twitter<\/a>, or join me in the\u00a0<a href=\"https:\/\/mewe.com\/join\/appleholics_bar_and_grill\" rel=\"nofollow\">AppleHolic\u2019s bar &amp; grill<\/a>\u00a0and\u00a0<a href=\"https:\/\/mewe.com\/join\/apple_discussions\" rel=\"nofollow\">Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3395861\/do-apple-devices-need-anti-virus-software.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2019\/05\/cso_phishing_social_engineering_security_threat_by_weerapatkiatdumrong_gettyimages-489433130_3x2_2400x1600-100796450-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Thu, 16 May 2019 06:03:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>Apple\u2019s devices are far better defended against malware and viruses than other platforms, but does this mean they don\u2019t need anti-virus software?<\/p>\n<h2><strong>No, yes and maybe<\/strong><\/h2>\n<p>I\u2019ve lost track of the number of times Mac users have told me Macs don\u2019t need virus protection because they are inherently more robust against such attacks.<\/p>\n<p>I\u2019ve also lost count of how many security researchers have said that Apple devices are becoming more liable to being attacked as their <a href=\"https:\/\/blogs.computerworld.com\/article\/3262225\/apple-mac\/warning-as-mac-malware-exploits-climb-270.html\" rel=\"nofollow\">market share grows<\/a>.<\/p>\n<p>Both are right. 
Both are wrong.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3395861\/do-apple-devices-need-anti-virus-software.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10480,21640,10554,714],"class_list":["post-15332","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-ios","tag-macs","tag-mobile","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15332"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15332\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15332"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}