How to Defend Macs and iOS Devices Against Malware Attacks
IT professionals have long maintained that Apple devices don’t get malware, and that was generally true for many years. But times have changed, and iOS mobile devices and OS X Macintosh computers are now the source of frequent security vulnerabilities and a popular target of hackers and malware authors.
Last year, Apple products earned the dubious distinction of ranking first in the number of security vulnerabilities included in the well-respected Common Vulnerabilities and Exposures (CVE) database. An analysis of the database by CVE Details shows the database added 654 Apple vulnerabilities during 2015, compared with 571 vulnerabilities for second-place finisher Microsoft. And security professionals weren’t the only ones who noticed these vulnerabilities — malware authors targeted Apple products at an unprecedented rate.
Analysis by security firm Carbon Black discovered 948 instances of Mac OS X malware in 2015, up from just 180 instances of malware on that platform during the previous five years combined. During that same year, the XcodeGhost outbreak allowed the first massive infiltration of malware into the iOS App Store. FireEye identified more than 4,000 infected applications that were available for installation on non-jailbroken devices.
The rising prevalence of Apple devices in traditionally Windows-centric organizations has placed iOS and Mac OS X squarely in the crosshairs of attackers seeking access to sensitive information and resources. Apple security should now be of paramount concern to government IT professionals, particularly in organizations that have neglected the platform over the past decade.
Fortunately, many of the same techniques that protect Windows devices can provide similar security for Apple products. What follows are several suggestions for locking down OS X computers and notebooks and iOS tablets and smartphones.
Focus on System Configuration
There’s simply no excuse for failing to manage the system configuration of Apple devices. IT departments should act quickly to incorporate the same computer management practices used for Windows systems across their Macintosh install base.
Depending upon the configuration management technology currently in use across the enterprise, IT managers may be able to simply add a module or agent that allows the management of Macintosh clients as well. In other cases, organizations may consider adding a third-party tool focused on Macintosh configuration management, such as Centrify Mac Management or JAMF Casper. Some products can integrate with Active Directory, allowing organizations to manage Macs using familiar Group Policy mechanisms. Carefully managing Macintosh system configuration reduces the likelihood that malware will gain a foothold on a state’s or locality’s network.
Deploy Mobile Device Management
Apple iPhones and iPad devices are often the first way that Apple products find their way into an organization, and they also can be the vectors used to launch an attack. Mobile device management (MDM) solutions prevent users from making dangerous configuration changes to their devices and ensure a baseline level of security across an enterprise’s mobile fleet.
One of the most important uses of MDM is preventing the jailbreaking of iPhones and iPads. Jailbroken devices may install software from outside the iOS App Store that has not gone through Apple’s standard security vetting process. That said, the XcodeGhost outbreak proves that the Apple vetting process isn’t as rigorous as many thought. MDM can help with this problem by restricting app installation through blacklist and whitelist technology.
Update OSs Promptly
Apple released the El Capitan version of Mac OS X on Sept. 30, 2015. Over the next three months, it issued three major updates that corrected a series of security problems. Apple releases security patches for iOS on a similarly frequent basis. Technology professionals must stay on top of these operating system updates and apply them promptly and consistently across the organization’s Apple products.
The Macintosh and iOS consumer-focused approach typically provides end users with a great degree of discretion regarding the installation of security updates, making the use of configuration management and MDM solutions critical. Administrators may use this technology to quickly identify devices that don’t comply with the latest security standards. Failure to do so may leave a gaping door open for malware infections.
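One way to run the compliance check described above over an inventory export, as an added example rather than code from the original article. The CSV column names, the baseline versions and the sample inventory are constructed for illustration and are not tied to any particular MDM product.

```python
import csv
import io

# Constructed minimum versions for illustration; set these from your own patch policy.
BASELINE = {"OS X": "10.11.2", "iOS": "9.2"}

# Constructed inventory export (hypothetical column names, not from a specific MDM product).
SAMPLE_INVENTORY = """hostname,platform,os_version
mac-finance-01,OS X,10.11.2
mac-finance-02,OS X,10.9.5
mac-gis-07,OS X,10.11
ipad-field-12,iOS,9.2.1
iphone-exec-03,iOS,8.4
ipad-kiosk-04,iOS,
"""

def parse_version(text):
    """Turn '10.11.2' into (10, 11, 2); return None if it is not dotted integers."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def is_compliant(reported, minimum):
    """Compare numerically, padding so that '10.11' equals '10.11.0'.

    A plain string comparison would rank '10.9.5' above '10.11.2'.
    """
    have, need = parse_version(reported), parse_version(minimum)
    if have is None or need is None:
        return False  # fail closed: an unknown version counts as out of date
    width = max(len(have), len(need))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(have) >= pad(need)

def noncompliant_devices(inventory_csv, baseline=BASELINE):
    """Return (hostname, platform, os_version) for every device below baseline."""
    flagged = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        minimum = baseline.get(row["platform"], "")
        if not is_compliant(row["os_version"] or "", minimum):
            flagged.append((row["hostname"], row["platform"], row["os_version"]))
    return flagged

if __name__ == "__main__":
    for host, platform, version in noncompliant_devices(SAMPLE_INVENTORY):
        print(f"{host}: {platform} {version or 'unknown'} is below baseline")
```

Devices that report no version at all are flagged along with the outdated ones, so a device that has stopped checking in does not pass silently.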
Install Anti-Virus Software on Endpoints
One of the most effective mechanisms for preventing malware is the use of anti-virus software on endpoints. While not yet prevalent for iOS, many major security software makers now produce anti-malware packages for Mac OS X. In fact, some offer single-pane-of-glass management that allows security teams to quickly view malware management information across both Macintosh and Windows systems at a single glance. The changes in the Apple security landscape require that organizations include Macs, iPad devices and iPhones in their malware management strategy.
Although the world of Apple security may be changing dramatically, security professionals have the tools they need to properly manage security across iOS and OS X devices. Managing Macintosh system configurations, adopting MDM software, applying security updates promptly and deploying malware management software across Macintosh systems will build a strong security base that provides Apple users with protection equal to that of their Windows colleagues.