Threat actors are amping up attacks on Apple as its hardware becomes more widely used across a number of industries—and that has cybersecurity professionals scrambling to protect devices.
Jamf Portfolio Strategy VP Michael Covington told IT Brew at the Jamf Nation User Conference in September that the age of the ignored Mac is over, and the time of the targeted Mac has come.
“I don’t think end users—let alone companies—are aware of these threats that are out there,” Covington said.
As Mac use increases and companies store sensitive information and perform important tasks on the machines, the products are becoming more appealing threat targets.
“Macs and mobile devices are being used for more critical business applications than ever before; it used to be the graphics, or just a little bit of document writing, email checking—now it’s a critical line of business applications,” Covington said. “And I think that’s where things start to get interesting, where you have this intersection of meaningful stuff on the device, and bad things that are going after it.”
Threat actors initially targeted Apple products through adware, he explained, to probe for weaknesses. Now, attackers are developing ransomware attacks and spyware targeted at Macs. It’s part of an industrywide trend of hackers effectively targeting and attacking systems in clever and subtle ways.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Reached for comment, Apple spokesperson Scott Radcliffe pointed to a blog by Jamf on a study it did with Cisco on how many threats Mac users see relative to PC users, and an Apple-funded study by IDC on the security of enterprise endpoints. Neither resource addressed whether Apple is seeing more threats now than in the past, and Radcliffe didn’t reply to a follow-up by the time of publication.
The full scope of the threat made headlines in early September when hackers with NSO Group exploited a zero click vulnerability to install malware on the iPhone belonging to an employee of a Washington, DC-based civil society organization, Fast Company reported. The company patched the problem, but the attack indicates a growing concern for Apple users and developers.
Companies including Jamf, which develops software to help Apple users manage their devices, are putting a lot of effort into fighting back against threat actors. The contest is a constant back and forth, Covington told IT Brew, that isn’t solely relegated to Apple.
“Despite all the efforts—not just from Apple, but everybody in the industry—to build more robust and resilient operating systems, these guys are still finding really clever zero days that can execute without the user doing anything silly,” he said.