By Carl Weiss
Image courtesy of itechcode.com |
It used to be that Mac, iPad
and iPhone owners used to poke fun at PC and Android users, bashing them for
the many ways and means that malware compromised these non-Apple systems. Of course when you maintain an iron grip on
who gets to develop software and hardware for you as Apple has always done,
then there are many fewer paths of infection that can compromise a system. PC and Android has always been a proponent of
open architecture which means that anyone and everyone was free to develop
everything from apps to operating systems.
This makes them patently more vulnerable to backdoor hacking. However a spate of highly publicized iOS and
OS X security issues have left Apple devotees wondering what happened.
The New York Times recently reported
that “While malware attacks have been possible against jailbroken
iOS devices for
some time, a new piece of malware has been discovered that can infect
even iPhones that have not been jailbroken.“
Additionally,
Palo Alto Networks discovered a program called WireLurker which can be used for a number of nefarious
purposes including spying on users.
“The point of entry seems
to be OS X computers, with researchers having found 467 malware OS X
applications in the unofficial Maiyadi App Store in China that were
downloaded more than 356,000 times in the past six months in the
region. Once on a Mac, WireLurker can infect
any iPhone that’s connected via USB to the computer, and install malicious
applications. WireLurker is capable of
stealing a variety of information from the mobile devices it infects and
regularly requests updates from the attackers command and control server. This
malware is under active development and its creator’s ultimate goal is not yet
clear.”
While the vulnerability of
these systems is troubling, what is even more frightening is that these two
hacks were not the only worms in the Apple.
In early October a Russian security company discovered another flaw in
OS X that enabled hackers to take control of infected 17,000 devices using
Reddit.
Rt.com reported, “One of them turned out to be a complex multi-purpose backdoor that
entered the virus database as Mac.BackDoor.iWorm.” It has
not yet been determined how the malware spreads, but Russian experts say that
once a Mac has been infected, the software establishes a connection with the
command server.” http://rt.com/news/193032-mac-infected-hackers-reddit/
While hacking in general has
always been a concern to computer users, what has really been causing many
Apple users to wake up in a cold sweat are the number of ways in which hackers
have been not only gaining but using their access.
Image courtesy of CBS News |
Case in Point: On
October 28 Fox News published a report concerning journalist Sharyl Attkisson
who reported that her CBS computer and personal iMac had been repeatedly hacked
and its contents accessed, including information pertaining to an article on
Benghazi that was critical of the current Washington administration.
Fox News further reported
that, “Further scrutiny of her personal desktop (by a consultant
hired by CBS) proved that the interlopers were able to co-opt her iMac and
operate it remotely, as if they were sitting in front of it.” http://www.foxnews.com/politics/2014/10/27/highly-sophisticated-hacking-sharyl-attkisson-computers/
Inside Every Dark Cloud
And if hacks on iMacs and
iPhones weren’t bad enough, Reuters reported on October 21 that Apple’s iCloud
storage service in China had been hacked resulting in messages, passwords and
even photos being compromised. Employing
a technique known as a Man-in-the-Middle attack, hackers were able to
superimpose their own site between the users and the iCloud server. The sophisticated attack was reputed to have
been perpetrated by the Chinese government.
The reuters.com article went onto say
that, “An Apple representative declined
comment on the allegations that Beijing was trying to spy on Apple customers,
but noted that the company had updated its technical support page to provide
advice on how to protect against such attacks. We’re aware of intermittent
organized network attacks using insecure certificates to obtain user
information, and we take this very seriously.” http://www.reuters.com/article/2014/10/21/us-apple-china-security-idUSKCN0I92H020141021
Rotten to the Core?
While these
well-publicized security breaches have given a number of people pause to
reconsider Apple’s new found vulnerabilities, there are still a number of
people and organizations that still http://www.livetradingnews.com/ that detailed Home Depot’s recent security breach. After the retail giant’s Microsoft-based
payment data system was relieved of 53 million email addresses and 56 million
credit card account numbers, the company bought two dozen new iPhones and
MacBooks for its senior executives.believe that the latest big Mac attack is
no cause for alarm. Quite the contrary,
if you read the November 10 blog by livetradingnews.com, you will find that:
“ It is not that Apple
devices have not faced any security problems in past. They even had security
issues but still Apple Inc. iPhone and MacBooks are comparatively secure
platforms. They can deal with the malware and other threats in a much better
way. Still, whether the use of Apple Inc. MacBooks and iPhones can solve the
problem of security breaches for the Home Depot or not, time will tell. It is a
high time for The Home Depot to seriously find the cause of the problem.” http://www.livetradingnews.com/home-depot-inc-nysehd-use-apple-inc-nasdaqaapls-iphones-macbooks-81726.htm#.VGPA_PnF8do
The sad
fact of the matter is that regardless of the type of machine that you, I, or
multinational corporate executives choose to use, there is no way to completely
bulletproof yourself against hackers.
All you can do is make sure you keep your machines protected with at
least three layers of anti-malware software, keep your software updated or face
having to answer the toughest of all questions that comes with any big Mac
attack, “You want fries with that?”