London-based mi2g Intelligence Unit on Tuesday released a report that says Mac OS X and Berkeley Standard Distribution (BSD) Unix are the “world’s safest and most secure 24/7 online computing environments.” Linux operating systems offer the worst track record, according to mi2g, with Windows coming in second.
“More and more smart individuals, government agencies and corporations are shifting towards Apple and BSD environments in 2004,” said DK Matai, Executive Chairman, mi2g. Matai calls adoption of Mac OS X and BSD Unix “an accelerating paradigm shift” thanks to professionals who “don’t have the time to cope with umpteen flavours of Linux or to wait for Microsoft’s Longhorn when Windows XP has proved to be a stumbling block in some well chronicled instances.”
The study analyzed 235,907 break-ins against permanently connected computers around the world, spanning a period from November, 2003 to October 2004. The systems broken into run the gamut from home and small office machines to small, medium and large corporations — everything from computers connected to the Internet without the benefit of a firewall, operating by individual users, to firewall-protected enterprises with dedicated IT staff, intrusion detection systems and other protective measures in place.
Less than five percent
Of the 235,907 successful break-ins researched as part of this study, 65.64 percent, or 154,846, were made against Linux-based systems. Microsoft Windows computers accounted for 25.19 percent of all break-ins recorded, while Mac OS X or BSD-based computers accounted for just 4.82 percent of all breaches recorded.
Mi2g’s study reports that more than 32.7 percent of digital breaches occurred against what they term “micro entities” — home-based individuals or other very small-scale operations — while 58.8 percent of all breaches were carried out against “small entitles.” As the companies grew larger, security definitely increased — 6.1 percent of all such breaches were made against medium-sized businesses, and only 2.5 percent were made against large entities — including big businesses, government agencies and non-government organizations.
Mac OS X and BSD Unix represent a smaller installed base of computers than Windows or, by some estimates, Linux machines. This has led to what some security experts and industry pundits call “security through obscurity:” Since there are fewer Macs, fewer hackers will try to exploit them, since they’re likely to have a less widespread impact and aren’t as familiar with the operating system. Mi2g makes no attempt to weigh in on this issue.
Mi2g estimates the worldwide economic damage in 2004 from these intrusions at between US$103 and $126 billion.
Malware costs insignificant to Mac users
Mi2g also concluded that environments running Mac OS X, as well as BSD Unix and Linux, have not experienced “any significant economic damage” from malware attacks, such as viruses, worms and trojan horses.
“Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware … proliferation. This is directly the result of very insignificant quantities of highly damaging mass-spreading malware being written for other computing environments like Linux, BSD and Mac OS X,” said the report. The company estimates that malware will cost organizations and individuals spent another $166 to $202 billion in 2004, between support costs, loss of business, bandwidth clogging and other costs.