Back to Insights
Van Wyk: Market Share the Key to Mac OS vs. Windows Security Debate
February 13, 2017 | Malware and Advanced Threats
By Ken Van Wyk, IANS Faculty
I recently learned of some new Mac-based malware when a friend posted an analysis on Facebook. My reaction as a Mac user? “Yawn.” Why? Glad you asked…
Every few months, there’s an urgent warning about some new Mac malware, but it always seems to fizzle away into nothing, or darn near nothing. Often, as in this most recent case, the malware triggers a user dialog that requires the victim to accept the malware. In this case, the malicious software was written as a Word-based macro, and Word diligently warned the user of a macro before running it if, and only if, the user consented.
Now, don’t get me wrong. Many users are absolutely gullible enough to fall for a dialog box. And I’m definitely not saying that Macs are inherently immune to malware. Both Windows and MacOS have seen malware that can propagate without user intervention.
But why, then, is MacOS – along with its distant cousin Linux – seemingly less susceptible overall to malware infestation than Windows?
Understanding the Marketplace
Ever notice when flocks of geese fly in a “V” formation, one side of the “V” is longer than the other? Why is that? The answer to the joke is that there are fewer geese on the shorter side, of course. So, why are Mac and Linux machines less plagued by malware? Simply put, it’s about market share, and there aren’t as many people creating malware targeting these machines.
Windows still owns a far bigger market share than MacOS and, certainly, Linux. Generally speaking, you can also purchase a Windows computer for a lot less than a comparable Mac. If you’re deciding to write malware, your cost and ease-of-entry are lower on a Windows system, as a general rule. And yes, over the past five to 10 years, Macs have seen their market share slowly increase, but they’re still just not quite there. As ubiquitous as Macs seem to be, their market share is still dwarfed by Windows.
Many of us in the security world have feared we might start seeing more Mac-specific malware as the market share rose, but that just hasn’t significantly materialized to this point. Perhaps it will change, but with market numbers like the above, I don’t think it will any time soon.
Now, that doesn’t mean we should smugly sit back and not be concerned either. That would be downright foolish. Mac malware does exist, and targeted attacks do happen. If an attacker chooses to target an enterprise that is predominantly Mac-based, those market share numbers go right out the window.
So, what can we do? Well, there are a few things:
- Lock down and manage our security configurations on our Macs as though the malware threat were real.
- Use the principle of least privilege by not giving every user administrative capabilities.
- Get endpoint protection for our Mac users in addition to our Windows users.
- Run software updates frequently. MacOS includes a behind-the-scenes malware detection and prevention tool that is updated daily.
With a bit of luck, our Mac world may never get as bad as it is for Windows users. Let’s try to keep it that way.
Ken Van Wyk is president and principal consultant at KRvW Associates and an internationally recognized information security expert, author and speaker. He’s been an infosec practitioner in commercial, academic, and military organizations and was one of the founders of the Computer Emergency Response Team (CERT) at Carnegie Mellon University.
| Faculty Report
IANS Vulnerability and Breach Update: Q3 2017
Phishing Stories From the Wild
Poll: Does Tagging External Email Promote Awareness?
| Faculty Report
IANS Vulnerability and Breach Update: Q2 2017