Windows users live under a constant threat of attacks from writers of viruses or worms that exploit security flaws in their system. Outside of the annoyance of receiving infected e-mails, however, Mac users are immune to such problems. Or are they? MacCentral recently spoke with leading Mac anti-virus software publishers to find out.
Awareness fuels software adoption
Brian Davis is sales manager for Intego’s North America operations. Intego is the company behind VirusBarrier, a Mac-only anti-virus software application. He said his company has seen steady growth in its anti-virus software sales. “Industrywide, these virus [attacks] are tipping people off that they need to be concerned about their security,” said Davis.
Intego is largely focused on the consumer and small business market. Those environments place the emphasis on keeping Macs protected upon the individual user. Companies whose products are aimed at corporations also acknowledge the trend, however.
“I think some of the viruses we had in 2003 made system administrators more aware of where infections are coming from,” said Network Associates Inc.’s Candace Worley, product manager for their McAfee Virex software. .Mac users are familiar with Virex, which they receive as a free software download, but Network Associates’ own sales efforts have been focused on the corporate, or enterprise, market.
“Awareness, especially among IT managers, is increasing,” said Nancy Mohler, senior product manager for Symantec’s Macintosh products, including Norton AntiVirus for Macintosh. “They’re acknowledging that unprotected Macs can threaten their network infrastructure.”
No Mac OS X viruses — yet
Although the experts MacCentral interviewed for this story admit that to date, they’re unaware of any Mac OS X-specific virus or worm, one thing they all agree on is Mac OS X not immune to a potential hacker attack. Over the years, Unix-based operating systems have been compromised many times, and all of them suspect it’s only a matter of time before someone steps up to the plate with their own Mac OS X virus or worm.
“Virus authors are very ego-driven,” said Network Associates outbreak manager Brian Mann. “Eventually someone’s going to take [Mac OS X’s lack of viruses] as a challenge.”
Worley agreed. “Any time you make the assumption that you what have is so secure that you’ll never have a problem, you open yourself to risk. A virus author might have to tweak a Unix virus a bit to be applicable to OS X, but it might not take much effort to do that.”
“Mac OS X is not impenetrable,” said Mohler. “Mac OS X does a good job of protecting root access to the operating system, but there’s no reason to think that a hacker couldn’t exploit some other aspect of the environment.”
Unprotected Macs pose a risk
“One of the main concerns for Mac users should be to remain a good citizen of the corporate community,” said Intego’s Davis. “Even though these viruses and worms we’ve discussed can’t infect your Mac, you can pass them along.”
Macs are immune to infection from high-profile Windows worms like SoBig and MyDoom, which exploit security flaws and architectural shortcomings in Windows operating systems and software applications to cause problems. That software only runs on Windows machines, but that doesn’t mean Mac users are off the hook. If you forward an infected e-mail from your Mac to a Windows-using colleague, for example, that person’s machine can get infected.
“[IT managers] view their Unix systems and Macs as potential infection vectors,” explained Worley.
“You don’t want to be a Typhoid Mary or a Typhoid Mark,” said Mohler. “Everyone should run anti-virus software that checks for both Mac and PC viruses.”
Mann also recommended that Mac users in heterogeneous networked environments — that is, places where Macs and PCs are networked together — exercise caution when they’re transferring files from network servers or other network-mounted volumes. “Be wary of files you’re pulling across the network,” he said. “Make sure to scan them with anti-virus software before opening them.”
In order to protect their users as effectively as possible, all the virus software companies MacCentral interviewed noted that they update the definition files used by their software on a regular basis, to make sure that Mac users are as well-protected as possible. They also continue to support and tweak the software as necessary to make sure it works well as the Mac operating system evolves. Symantec, for example, recently updated its Norton Anti-Virus software for Panther (and more recently did the same for its Internet security product), while Intego offers support for legacy machines running system software as old as 8.1.
Some, like Network Associates, are also developing ways for their software to be used more effectively in corporate environments; later this year, they’ll release a new version of the Virex software they sell into enterprise markets that supports the company’s ePolicy Organizer (EPO) technology, which helps network managers more effectively audit and distribute anti-virus software. The company is also working on Virex 7.5, a new version of their consumer product which is available to .Mac users. That new version will introduce on-event scanning, scheduling and a streamlined virus definition file updating process.
All the security experts feel that a Mac user’s best line of defense — besides using their respective company’s Mac anti-virus software, of course — is to stay educated. Make sure you understand how the latest virus and worm threats work, even if your machine doesn’t pose an infection risk, and adopt the best practices to avoid problems, such as never passing along an e-mail file attachment to a Windows user without knowing the contents.
“As more and more people use the Mac OS X platform, the more likely something bad could happen,” said Davis. To that end, preparation is the best defense.
And while a lot of the focus these days is in controlling virus outbreaks on office machines, Worley said that home users need to stay aware, too. “Whether it’s at the office or at home, the same rules apply,” she added.
Mohler thinks it’s equally important to be aware of privacy and security threats beyond just viruses and worms, as well. Making sure your kid’s Mac has parental control locks in place, for example. “It’s all part of being a good citizen in cyberspace,” she said.