CUPERTINO, Ca. – According to Zero Day Initiative security vulnerability analyst Cameron Hotchkies, hackers are taking increasing aim at iPhones and Macintosh computers as these Apple devices gain popularity and market share worldwide. ZDI is an organization devoted to scrutinizing programming holes and crafting “patches” to prevent hackers from exploiting weaknesses.
“We are seeing an increasing number of people looking at Apple technologies &to try and find vulnerabilities,” said Hotchkies. “[When] you have a large number of eyes looking at various codes certain things that have been overlooked before starts to get caught.”
Mark Tauschek, senior research analyst with Info-Tech Research, added that because 10 per cent of the consumer market is Macs, it becomes attractive for hackers to target those operating systems and those users.
“As Macs, Linux and iPhones become more mainstream and take a larger share of the market, they are likely to be more targeted,” he said.
Traditionally, hackers have gone after Windows operating systems because the Microsoft software has more than 90 per cent of the global market and Apple devices were largely ignored because its OS, Unix-based BSD, was harder to hack. As well, Tauschek said hackers were less likely to run code or scripts on a Mac OS machine because malware was not created for those machines.
Additionally, Tauschek noted that Apple users often have this perception that they are somewhat invulnerable to attacks. “But there has been malware proven in the wild that the Mac OS can be infected.”
Hotchkies noted some of the vulnerabilities that Apple users should be on the lookout include QuickTime vulnerabilities and potential vulnerabilities in the Safari web browser that is similar to ones found in Internet Explorer.
“Apple users cannot feel as safe as before,” he added.
Hotchkies believed that part of the reason hackers are turning their attention to Apple is that the company has made their machines friendlier to running programs popular on Windows-based machines. Cyber criminals experienced with attacking Windows programs can apply some of their know-how to software modified to run on Macintosh computers. Developers that re-craft Windows programs for Macintosh systems might not be adept at building security components on the latest Leopard operating system used in Apple machines.
“Windows developers take their code and make it work on Apple,” Hotchkies stated. “They could take potential vulnerabilities with them or possibly create new ones because they are working on an entirely different platform.”
What Hotchkies is trying to show, said Tauschek is hackers are able to “jail break” or get underneath the covers of iPhones and Macs, which shines a light on the fact that they are breakable and can be used to carry out malicious attacks.
However, Tauschek said that he hasn’t heard of any viruses yet infecting iPhones and hasn’t seen any anti-virus applications being developed for the device, but it doesn’t mean that Apple users shouldn’t be concerned about the security of their machines.
“Real viruses have been targeted to Mac OS and Linux, so don’t have a false sense of security just because you own a Mac,” he added.
The advice that Hotchkies gives to Apple users on how to better secure themselves is the same he would give to PC users — which is to ensure that software and patches are up to date and be careful where surfing the Internet.
This column was written by Vanessa Ho of ConnectIT
a>>
