The scale of the recent Flashback trojan infection of Mac computers was a wake-up call to Mac users that their “most secure” operating system was far from that. Security through obscurity was never going to last long when you become one of the largest computer manufacturers in the world, and Apple’s time of sitting on its laurels because hackers weren;t targeting its OS are over.
Apple are going to need to change their approach to security to protect their users, and Eugene Kaspersky, CEO security company Kaspersky Lab, believes that they are currently about “10 years behind Microsoft” in the area. Apple are going to have to invest in more security audits of their software, but most importantly stop implying that their users simply don’t need anti-virus or anti-malware software installed.
Apple are introducing a Gatekeeper feature in in the upcoming OSX Mountain Lion, which by default will prevent any software being installed that isn’t available in the app store. This has the downside of excluding indie developers that aren’t integrated into Apple’s ecosystem, but certainly should prevent a lot of dubious software being installed by Mac users. Users can also turn it off if they would like to install software from elsewhere, but then they are making a conscious decision to install unverified software and should be aware of the risks.
From my perspective, the biggest issue right now is one of marketing. Apple has promoted the lack of attacks on its software as meaning that their software was inherently more secure than their rivals in Windows and Linux, which has led Mac users to avoid installing anti-virus software. Now hackers are targeting them, Apple really needs to step up and inform its rapidly growing userbase that whilst their OS may be more secure than the others, its is certainly far from impenetrable, and they should protect themselves.