{"id":20004,"date":"2022-09-02T04:30:10","date_gmt":"2022-09-02T12:30:10","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/09\/02\/news-13737\/"},"modified":"2022-09-02T04:30:10","modified_gmt":"2022-09-02T12:30:10","slug":"news-13737","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/09\/02\/news-13737\/","title":{"rendered":"Apple wasn\u2019t fooling when it said it wanted to make Macs more secure"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2022\/06\/29\/13\/remove-mac-viruses-100929608-large.3x2.jpg?auto=webp&amp;quality=85,70\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700<\/strong><\/p>\n<p>When Craig Federighi, Apple\u2019s senior vice president of software engineering, said last year, \u201cWe have a level of malware on the Mac that we don\u2019t find acceptable,\u201d he apparently really meant it. And Apple seems to be doing something about it.<\/p>\n<p>Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.<\/p>\n<p>Given the Mac\u2019s reputation for security, that may seem counterintuitive, but maintaining a secure platform requires constant watchfulness.<\/p>\n<p>We know Apple has intensified the degree to which it monitors its platform in recent years.
Not only has the company been forced to do so as its growing market share makes its platforms attractive targets, but we\u2019ve also experienced a scourge of &#8220;surveillance-as-a-service&#8221; businesses that have been attempting to crack Apple\u2019s code for generally nefarious and repressive purposes.<\/p>\n<p>Apple last year sued controversial private surveillance company NSO Group.<\/p>\n<p>When it did, the company\u2019s head of Apple Security Engineering and Architecture, Ivan Krsti\u0107, <a href=\"https:\/\/www.computerworld.com\/article\/3641261\/apple-pulls-no-punches-in-lawsuit-against-amoral-nso-group.html\" rel=\"noopener\" target=\"_blank\">said<\/a>:<\/p>\n<p>\u201cOur threat intelligence and engineering teams work around the clock to analyse new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.\u201d<\/p>\n<p>The company has made numerous security improvements to its platforms in response, including working far more closely with the independent security research communities than it has done before.\u00a0This seems to have led to earlier identification and cures for some of the vulnerabilities that may have been used by these private armies of digital spies.<\/p>\n<p>The recent publication of an <a href=\"https:\/\/www.computerworld.com\/article\/3672111\/apple-pushes-out-emergency-updates-to-address-zero-day-exploits.html\">emergency security patch<\/a> for iOS 12 is a case in point. Apple says the flaw may have been \u201cactively exploited.\u201d (The company fixed the same flaw on more recent iPhones and iPads a few weeks ago. 
The decision to release a fix for iOS 12 also reflects the scale of the threat.)<\/p>\n<p>It&#8217;s precisely this kind of flaw that&#8217;s being abused by these surveillance companies, which are prepared to pay millions to purchase hacks and attacks. It\u2019s because Apple now knows these enemies that it is introducing <a href=\"https:\/\/www.applemust.com\/how-to-use-lockdown-mode-on-your-iphone-ipad-and-mac\/\" rel=\"noopener nofollow\" target=\"_blank\">Lockdown Mode<\/a> in iOS 16, an ultra-secure mode for its devices that sacrifices some utility for high security.<\/p>\n<p>But Apple has also done one more thing that hasn\u2019t really been noticed until now: It is making Macs more security conscious than ever before, introducing automated self-diagnosis and malware checking that provides a layer of protection the platform hasn\u2019t really had.<\/p>\n<p>\u201cIn the last six months, macOS malware protection has changed more than it did over the previous seven years,\u201d explained <a href=\"https:\/\/eclecticlight.co\/2022\/08\/30\/macos-now-scans-for-malware-whenever-it-gets-a-chance\/\" rel=\"noopener nofollow\" target=\"_blank\">Howard Oakley<\/a>.\u00a0\u201cIt has now gone fully pre-emptive, as active as many commercial anti-malware products, provided that your Mac is running Catalina or later.\u201d<\/p>\n<p>The new protection apparently relies on a new tool\/engine called XProtect Remediator in macOS 12.3. This enhances Apple\u2019s existing XProtect malware protection by giving systems the ability to both scan for and remediate detected malware. Scans take place at frequent intervals during the day, Oakley says. They address a range of trojans, adware, browser hijackers and other threats.<\/p>\n<p>\u201cShould malware make its way onto a Mac, XProtect also includes technology to remediate infections.
For example, it includes an engine that remediates infections based on updates automatically delivered from Apple (as part of automatic updates of system data files and security updates). It also removes malware upon receiving updated information, and it continues to periodically check for infections,\u201d an\u00a0<a href=\"https:\/\/support.apple.com\/en-gb\/guide\/security\/sec469d47bd8\/web\" rel=\"noopener nofollow\" target=\"_blank\">Apple tech note explains<\/a>.<\/p>\n<p>What this means is that Apple is introducing a degree of on-device intelligent malware protection to Macs.\u00a0This intelligent protection can easily be updated with new malware definitions. In sum, it means the company has built an even bigger wall to protect against the poisons that lurk outside its PC garden.<\/p>\n<p>We can\u2019t know how much impact these protections deliver.\u00a0In a sense, that\u2019s the problem with security in general \u2014 the value of the armor isn\u2019t visible until protection breaks.\u00a0However, I\u2019m inclined to agree with Oakley, who notes that this kind of intelligent, on-device protection represents a degree of security awareness that, until now, you\u2019d only gain through use of security services.<\/p>\n<p>That Apple is prepared to embrace this on a system level likely reflects recognition of the need to protect distributed endpoints outside standard perimeter security protections in a new world of work characterized by an environment of state-sponsored attack.<\/p>\n<p>We\u2019re also seeing moves to make endpoints \u2014 the Macs, iPhones and iPads we use \u2014 more security aware elsewhere across the Apple ecosystem.
Consider tools like <a href=\"https:\/\/www.computerworld.com\/article\/3671132\/what-is-managed-device-attestation-on-apple-platforms.html\" rel=\"noopener\" target=\"_blank\">Managed Device Attestation<\/a>, improvements to <a href=\"https:\/\/www.computerworld.com\/article\/3671810\/how-apple-is-improving-mac-device-management-in-macos-13.html\" rel=\"noopener\" target=\"_blank\">Mac MDM<\/a>, USB Restricted Mode and other tools making their way to the platforms. These improvements suggest the extent to which Apple\u2019s security teams are ruthlessly and determinedly identifying and attempting to close the many attack vectors used by modern criminals.<\/p>\n<p>The one vulnerability that is hardest to change, of course, is human error, which remains the <a href=\"https:\/\/www.computerworld.com\/article\/3652510\/its-time-to-secure-the-apple-enterprise.html\" rel=\"noopener\" target=\"_blank\">weakest link at any level of the chain<\/a>.<\/p>\n<p><em>Please follow me on\u00a0<a href=\"https:\/\/twitter.com\/jonnyevans_cw\" rel=\"nofollow noopener\" target=\"_blank\">Twitter<\/a>, or join me in the\u00a0<a href=\"https:\/\/mewe.com\/join\/appleholics_bar_and_grill\" rel=\"nofollow noopener\" target=\"_blank\">AppleHolic\u2019s bar &amp; grill<\/a>\u00a0and\u00a0<a href=\"https:\/\/mewe.com\/join\/apple_discussions\" rel=\"nofollow noopener\" target=\"_blank\">Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3672528\/apple-wasnt-fooling-when-it-said-it-wanted-to-make-macs-more-secure.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2022\/06\/29\/13\/remove-mac-viruses-100929608-large.3x2.jpg?auto=webp&amp;quality=85,70\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 
-0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>When Craig Federighi, Apple\u2019s senior vice president of software engineering, said last year, \u201cWe have a level of malware on the Mac that we don\u2019t find acceptable,\u201d he apparently really meant it. And Apple seems to be doing something about it.<\/p>\n<h2><strong>Apple is taking giant steps to secure the Mac<\/strong><\/h2>\n<p>Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.<\/p>\n<p>Given the Mac\u2019s reputation for security, that may seem counterintuitive, but maintaining a secure platform requires constant watchfulness.<\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10403,10554,714,24580],"class_list":["post-20004","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-macos","tag-mobile","tag-security","tag-small-and-medium-business"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true
,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20004"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20004\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}