Apple has long enjoyed an image of safety and a sense among its users that it’s pricier products are worthwhile because of the security behind them. Last week, Apple users found out that was no longer true. Security experts last week announced ransomware has successfully targeted Mac operating systems. The attack targeted a very small number of Mac users, but the implications could be much larger.
The Deal With Ransomware
The first part of understanding the attack is understanding ransomware. Ransomware is a type of malware that infects a computer system by restricting use or access in some way, and then demanding users pay to remove the problem. In some cases the payment is solicited from a “tech support” looking pop-up or feature, but in all cases it’s extortion.
The ransomware to hit the Mac systems, “KeRanger” was downloaded around 6,500 times before it was contained through a tainted copy of a data transferring program called Transmission. KeRanger locked Mac OS users data, keeping users from being able to access certain data on their systems without providing payment.
The ransomware was able to bypass Apple security as it was signed with a valid Mac app development system. Once on the system, the program laid dormant for three days before attacking the system and encrypting specific types of documents and datafiles, particularly photos, videos, Excel spreadsheets, and Word documents. After encryption, the program demanded one bitcoin, valued at around $400 US, to remove the blocks.
Apple, for its part, revoked the “abused” certificate when it was made aware of the problem on March 4, and has since updated its anti-virus software.
What It Means For Mac
Mac still has a strong long-term reputation of keeping malware off of its computers, and its reaction to the attack was both quick and effective. In fact, with 5.31 million Macs sold in the first quarter of 2016, the attack ultimately impacted less than one percent of Mac users.
That one percent is enough to shake confidence, though, and enough to let other hackers know that Mac systems aren’t infallible. This isn’t the first security breach to be found on Mac systems, but it is the first time Apple brass believe that a complete ransomware was able to attack Mac users.
The attack is likely to shake some sense of security in Mac users, many of whom pay for the idea that their system could not be harmed by viruses and malware. Some analysts and systems managers warn that the attack could be an indicator of more to come, too, as cyber attacks often start small and ramp up in number later on. Now that hackers know they can, speculation suggests many more may try.
For Apple users, this means being more proactive about system security. Regular backups, up to date security software, up to date operating systems, and avoidance of suspicious activities such as e-mail are all encouraged by Symantec to help keep Mac users safe moving forward.