Author: Tamer Odeh, Regional Director at SentinelOne in the Middle East
Extortion and ransomware attempts have increased significantly in the UAE and Saudi Arabia, as scammers took advantage of COVID-19 to step up their cyber-attacks, with remote working giving them more access to business servers. Consequently, Mac operating systems (macOS) have become more exposed to these attacks. Part of the reason is that Macs are now found in business environments far more often than they were a few years ago.
Additionally, people now have their Macs connected to so many other devices that they make a rich hunting ground for hackers who want to gather data and target victims in business environments, which has created many more threats for Macs. Users are also less aware of Mac vulnerabilities than they are of those in Windows software. macOS is usually known as “safe by design”; however, as hackers have become more skilled, that idea no longer holds, and awareness of the vulnerabilities needs to increase.
Signs that a Mac has been infected with a virus or malware include applications that run very slowly and increased lag. Users may also find that adverts begin to appear at random and that previously visited websites show irrelevant ads.
As such, below are a few tips and tricks that Mac users can apply as precautionary measures:
Apple has great built-in security tools; however, there are some gaps in them. One of the main gaps is the lack of visibility into whether a Mac has malware on it or is undergoing an attack. Software that provides visibility into the status of the laptop can fill that gap. For example, SentinelOne’s Singularity platform offers to expand from cloud-native yet autonomous protection to a full cybersecurity platform. It also prevents, detects, responds, and hunts in the context of all enterprise assets. It allows viewing and controlling the unknown. It is the only platform powered by AI that provides advanced threat hunting and complete visibility across every device, virtual or physical, on prem or in the cloud.
Find Applications with Full Disk Access Permissions
Full Disk Access permission is a new privacy feature introduced in macOS 10.14.x (Mojave) that prevents some applications from accessing important data, such as Mail, Messages, Time Machine, and Safari files. This means users need to manually grant permission for certain applications to access these protected areas of their Mac. In earlier versions of macOS (10.13 and lower), this permission is automatically granted during installation of the AVG product.
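One way to list which applications currently hold Full Disk Access is to read the grants macOS records in its system TCC database. This is an added example, not code from the article or from SentinelOne; the approved-client allowlist and the sample rows are constructed, and on a real Mac the script must be run as root from a terminal that itself has Full Disk Access.

```python
import sqlite3
import sys
from pathlib import Path

# System-wide TCC database on macOS; Full Disk Access grants are stored here.
SYSTEM_TCC_DB = "/Library/Application Support/com.apple.TCC/TCC.db"
FDA_SERVICE = "kTCCServiceSystemPolicyAllFiles"  # TCC service name for Full Disk Access

def full_disk_access_clients(conn):
    """Return (client, client_kind, granted) for every Full Disk Access entry."""
    cols = {row[1] for row in conn.execute("PRAGMA table_info(access)")}
    if "auth_value" in cols:    # macOS 11 and later: 0 = denied, 2 = allowed
        granted = "auth_value = 2"
    elif "allowed" in cols:     # macOS 10.14 / 10.15: 1 = allowed
        granted = "allowed = 1"
    else:
        raise RuntimeError("unrecognised TCC access table schema")
    rows = conn.execute(
        f"SELECT client, client_type, {granted} FROM access "
        "WHERE service = ? ORDER BY client", (FDA_SERVICE,))
    # client_type 0 is a bundle identifier, 1 is an absolute path to a binary.
    return [(c, "bundle id" if t == 0 else "path", bool(g)) for c, t, g in rows]

def unexpected_grants(conn, approved):
    """Clients that hold Full Disk Access but are not on the approved list."""
    return [c for c, _, g in full_disk_access_clients(conn) if g and c not in approved]

def sample_db():
    """Constructed stand-in for TCC.db so the example runs on any machine."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE access (service TEXT, client TEXT, "
                 "client_type INTEGER, auth_value INTEGER)")
    conn.executemany("INSERT INTO access VALUES (?, ?, ?, ?)", [
        (FDA_SERVICE, "com.example.backup", 0, 2),            # approved tool
        (FDA_SERVICE, "/usr/local/bin/example-agent", 1, 2),  # unreviewed binary
        (FDA_SERVICE, "com.example.editor", 0, 0),            # listed but denied
        ("kTCCServiceCamera", "com.example.chat", 0, 2),      # different permission
    ])
    return conn

if __name__ == "__main__":
    if len(sys.argv) > 1:       # e.g. pass SYSTEM_TCC_DB on a real Mac
        uri = Path(sys.argv[1]).resolve().as_uri() + "?mode=ro"
        db = sqlite3.connect(uri, uri=True)   # read-only open
    else:
        db = sample_db()
    for client, kind, ok in full_disk_access_clients(db):
        print(f"{'ALLOWED' if ok else 'denied ':8} {kind:10} {client}")
    print("not on allowlist:", unexpected_grants(db, {"com.example.backup"}))
```

Any client reported as not on the allowlist is a candidate for review in System Preferences > Security & Privacy > Privacy > Full Disk Access.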
Controlling User Interaction
Almost all malware, 99 percent of it, arrives through user interaction on the Mac. For example, a user could download something, convinced that they need a Flash Player update, which ends up being a cyber-attack. There are various things that can be done to control devices. Users can install third-party solutions like Jamf and Fleetsmith, which let them control various aspects of what can be changed on the device.
For Mac users to take the above factors into consideration, they first need to be aware that they too can be vulnerable to attacks. Windows users understand that there are threats and that they need to have Windows Defender running. The situation is different with Mac users.
As Apple develops its responses, it is clear that there are teams and threat actors responding in kind. The cyber-attacks are not going to stop with a quick solution from Apple changing technology, which is why people need to treat Mac operating systems almost the same way they treat Windows when it comes to protection methods. Awareness of this matter is important in preventing cyber-attacks on users or their organizations.