In the beginning, Macs were perceived as impenetrable and inherently secure machines that held a reputation besting its rival Windows operating system. For years, Apple was revered for creating one of the safest platforms in existence as OS X maintained a façade of invincibility. But on this day 10 years ago, Intego announced the discovery of what is considered the first major Trojan horse in history to target Mac OS X. And so, you may be wondering a few things, for instance, how is the vulnerability of Macs perceived today? Is the overall threat landscape different now compared to the early days of Mac OS X? And what the heck can savvy Mac users do to protect themselves?
These are all good questions that we'll clear up, explaining how we got to the current state of Mac security in 2016, and also offering some tips how you can protect your Mac against highly-motivated hackers and malware writers targeting OS X.
Old Myths Die Hard
Among a variety of misconceptions about malware, the most common myth is that “Macs can’t get viruses.” However, there really is no period of time in which this statement has ever been true.
Since the dawn of Apple, every Mac OS has had some manner of virus or worm. Elk Cloner, the very first Mac virus to be discovered in the wild, was written specifically for Apple DOS 3.3. In the 1990's, Word macro viruses were the most prevalent and dangerous of all Mac viruses. (There have been macro viruses capable of spreading on Macs as long as people have used MS Office on Macs.) The first OS X specific worm was discovered by Intego in 2006, so Mac malware does indeed exist. But it took many years for people to fully grasp this reality—a realization that didn't come to fruition overnight.
Of course, Apple added fuel to the frenzy with a clever marketing ploy that ultimately put its user-base in a lull. It’s hard to forget those “I’m a PC, I’m a Mac” commercials in which Apple claimed that only PCs have a malware problem, and that Macs don’t.
And the seeds of security complacency were sowed; disaster lurked on the horizon.
Although Apple has since changed its tune—no longer touting Macs as "virus free"—the campaign was nonetheless very successful, and even today the false perception of security lingers.
Until recently, however, there was some truth to this perception: OS X faced significantly less risk of cyber attack than Windows. After all, with the release of Mac OS X 10.0 in March 2001, Apple’s new operating system meant that much of the old Mac malware from the 80’s and 90’s would no longer be capable of running.
With Mac OS X 10.0, five years would pass before the first major malware hit Macs. Due mostly in part to the lack of attention from hackers, Mac systems benefited for the better part of a decade, but as we entered the 21st century that all changed.
Intego Jumps to Action, Fills a Void in Mac Security
Intego made headway into the Mac market in 1997, becoming the first and only anti-virus firm to build security software exclusively for Mac, focusing solely on protecting Macintosh computers.
The writing was on the wall, but only Intego seemed to be reading it: All Macs connecting to the Internet are susceptible to security problems with no exceptions.
In a world where using the Internet exposes your computer to hackers, vandals and viruses, Intego realized the need for efficient security solutions that not only protect your Mac, but also give you peace of mind. And so a collection of highly-motivated engineers and other Mac experts founded Intego to fill a void in the security industry.
Intego went on to become the first anti-virus company in the world to offer a personal firewall for Macintosh, releasing Intego NetBarrier to provide incoming and outgoing firewall protection when using a wireless network, which stops hackers in their tracks. The company was also the first to offer native Mac OS X (Cocoa) security solutions:
- October 1997, Intego is founded and releases Rival anti-virus for Mac
- July 1999, Intego releases NetBarrier at the Macworld Expo in New York
- June 2000, Intego releases VirusBarrier
- By 2004, Intego is the world leader in Mac security with over 1 million users in 65 countries
The Lull Before the Storm
Between the time Intego was founded and 2006, most discovered threats were related to vulnerabilities in Mac OS. For instance, in January 2000, a flaw was discovered in port 49152 of Mac OS 9’s security. If a hacker sent a package with a zero length data field on a Mac running Mac OS 9, the Mac would freeze instantly.
Another example was found in 2001: engineers at Berkeley University discovered that the Wired Equivalent Privacy (WEP) algorithm, which is part of the 802.11 standard (used by Apple AirPort networks) contained a flaw, and was vulnerable to hacker attacks. Apple’s AirPort wireless networking is an extremely useful technology, but like many network protocols, there are ways for hackers to get in. For this reason, the researchers recommended "anyone using an 802.11 wireless network not rely on WEP for security, and employ other security measures to protect their wireless network."
First Major Malware Hits Macs
Ironically, the very ads that helped boost Apple’s sales of Macintosh computers may have also put the operating system in the crosshairs of cyber-criminals—resulting in a new rise of Mac OS X malware. Sophisticated Mac malware began to surface following years of rapid OS X market share gains, with Apple owning 12 percent of the laptop market share in 2006, according to Ars Technica.
On February 16, 2006—ten years ago today—Intego’s Malware Research Team discovered the first Trojan horse targeting OS X. We called it Oompa-Loompa, and Intego VirusBarrier detects the malware as OSX/Oomp.A.
Over the next ten years, malware writers began targeting Mac OS X more and more, shattering the Mac's façade of invincibility. As a result, attitudes have changed; even the most optimistic Mac user realizes that OS X security must now be a paramount concern.
Malware is one problem, but there are many reasons why you need to protect your Mac, including:
- Many types of malware threaten Macs and are becoming more common: Trojan horses, macro viruses, worms, spyware, and more
- Security flaws are regularly found in Mac OS X, providing malware writers with opportunities to attack Macs
- Users who exchange files often with friends and colleagues face increased risks
- Booby-trapped web pages can infect your Mac when you simply visit infected web sites
- Children need protection from adult content on the web
- Your personal files need to be protected in case of loss due to software or hardware problems
- You have confidential files that need to be protected from hackers and prying eyes
The State of Mac Security
The sky is blue, the sun rises in the east, and a trusted Mac security solution is a must have in 2016. So, are you doing everything you can to protect your Mac?
To prevent malware attacks, you will need to start making the same amount of effort to protect your Mac that users of other operating systems must do to keep themselves safe. This may not be a fun activity, but these threats are realities Mac users face today and you'll thank yourself later for taking action before disaster strikes. At Intego, we routinely recommend that a multi-layered approach to security is the best form of defense against all types of threats.
In the end, there is no short supply of bad guys—motivated hackers who will take the challenge if it means the reward is the ability to steal money from people—and there’s no question that they will make every effort possible to penetrate your Mac's fortifications (especially since this user base tends to be more complacent about security in general).
And Intego is proud to lead the way and help you stay one step ahead of the bad guys.