September 16, 2024
“We use Macs, so, y’know… we’re pretty secure.” We’ve heard this countless times during cyber risk assessments. There are many misconceptions and myths regarding cybersecurity best practices, and this is just one. One of the more common myths is that Macs are immune to online threats. Some people believe that Macs are more secure than other computers for the following reasons:
Unix-based: Macs are built on a Unix foundation, which makes them harder to exploit.
Tight control: Apple tightly controls both hardware and software, and builds in security protections.
There is some truth here, in that these provide some very basic layers of protection. However, Macs can still be hacked, and there have been many examples of hackers successfully targeting Macs. Threat actors are also increasingly developing Mac malware, so it’s crazy to operate with these preconceptions.
Though Macs may be more difficult to target thanks to built-in protections like XProtect, Gatekeeper, and Notarization, they are not immune to online threats. One need only navigate to the MITRE site (a not-for-profit org funded by the U.S. Government with a cybersecurity focus) to review the 167 attack techniques listed for macOS. Below is a snapshot:
There are pragmatic layered defense strategies your organization can employ to defend against online threats to Macs; however, ignoring the threat is not one of them. Get a cyber risk assessment and advice on cybersecurity best practices right away.