Apple products have long had a reputation for tight security. In years past, one of the most common reasons Windows users switched to Macs was to get away from the viruses and other digital threats that constantly bombard Windows. It's the reason most Mac users don't have any security software installed.
Unfortunately, the idea that "Macs don't get viruses" hasn't been true for a while. It is true that Mac gets fewer viruses than Windows, but it can still get them, and the number is rising quickly. According to security company Bit 9, there was five times more malware detected for Macs in 2015 than 2010 to 2014 combined. Why is that?
More than 90% of the personal computers in the world run Windows, and for a long time Windows had a ton of underlying security weaknesses. That meant hackers tended to focus more on Windows and left Macs alone.
As Mac sales have increased, however, and Windows has gotten more secure, it's now worthwhile for hackers to branch out to attack Macs. In fact, just last week we reported that hackers finally found a way to infect Macs with ransomware.
That's a big problem, but Apple has a bigger problem in the future.
The big problem Apple will have going forward is that Mac security entirely depends on a single defense called GateKeeper. GateKeeper only lets programs install if they have an approval certificate from Apple.
That means GateKeeper will stop you downloading and installing a random virus off the Internet. However, its weakness is that once a program has approval from Apple, it trusts that it's always going to be good.
In the ransomware attack from last week, hackers broke into the website of the Transmission BitTorrent client and replace the legitimate download with a version that included malicious code. GateKeeper just let the infected program install with no fuss.
Fortunately, Transmission discovered the problem quickly and Apple released an update so GateKeeper would block the malicious version. Also, the hackers had programmed the ransomware to wait a few days before activating, which gave infected users time to get rid of it.
However, if the ransomware had activated immediately or been another type of virus, things could have been much worse. You can bet the next time this happens, it won't go so well for the Mac users.
Security experts are warning Apple that it needs to diversify its defenses and be more proactive, which includes things like offering bug bounties. Bug bounties encourage good hackers to find weaknesses in Apple's security so it can close the holes before bad hackers can exploit them.