SINGAPORE, June 19 — Mac computers, once thought to be more secure against malware attacks, are no longer safe, said a cyber solutions provider.
New attack opportunities and threat vectors are making the targeting of Mac devices easier and more attractive, Fortinet said today.
Instead of targeting devices one at a time like what was done previously, criminals can now leverage pre-built technology to attack vast numbers of potential victims in exchange for sharing profits on the back end, the company said.
While ransoming one device may not be of much financial value to professional cybercriminals, owning hundreds of franchisees targeting thousands of devices every day most certainly is.
Cybercriminals are increasingly targeting Mac users because C-suite executives and marketing teams are more likely to use these computers in many organisations.
These individuals not only share valuable information, but they are also very often less technically savvy and therefore, less likely to back up their devices, encrypt stored data, or abide by security best practices.
Fortinet advises companies to ensure every device is protected across all threat vectors, including Mac devices that were thought to be secure.
Here are five easy ways to take preventive measures against ransomware attacks:
1. Apply patches and updates. Take the time to update your device. Apple, for example, regularly provides security updates.
2. Backup your device. Apple’s Time Machine service automatically creates full system backups. Should a system get ransomed, you can simply wipe the device and perform a full system restore from backup.
Regularly scan backups for vulnerabilities and store these backups offline. Offline storage is vital because Time Machine backup systems are often connected to the device being backed up, and risk being compromised during an attack.
3. Encrypt data stored on device. While this may not be effective against many ransomware variants, it can still protect an organisation should any device become infected with malware that is designed to steal files and data.
4. Install an endpoint security client. Look for endpoint solutions that will not only protect your device, but tie that security back into your network security strategy. This way, you can leverage and share threat intelligence to better protect your device and its assets.
5. Deploy security that covers other threat vectors. With emails being the number one source for malware and infection, it’s good to deploy a robust email security solution. The same is true for web security tools, wired and wireless access controls, cloud-based security, and network segmentation strategies that help detect, isolate, and respond to threats found anywhere across a distributed environment. — TODAY