One of the most common misconceptions I’ve heard while chatting about cybersecurity is that Macs don’t get malware. Time and again my friends ignore basic rules of online safety under the ruse that fruit shaped logo on the back of their case protects them from the dangers of the internet. Things like the above ad seem to reinforce this but, while it is true there are statistically less attackers going after Macs, they are anything but secure.
The key phrase in that ad is that Macs don’t get Windows viruses. Windows dominates the market for operating systems hence the massive amount of Windows-exclusive software. Developers would have to put considerable work into moving their designs to OSX so, unless they can justify the work with projected revenue they don’t bother. The same is true for malware developers. Why develop attacks against the 10% of users who run Macs when you could spend your time and money targeting the 90% who run Windows?
The problem is, there are a number of malicious people out there who do target that 10% and, like Apple’s market share, that number is growing. For instance, the Flashback Trojan alone infected more than 500,000 Macs between 2011 and 2012. In fact, this year (2015) was the most prolific year in history for OSX malware according to Bit9 and Carbon Black. Obscurity does not equate security and with Macs becoming more popular, the little safety it provided is quickly shrinking.
While Macs like anything are not perfectly secure, Apple’s reaction to these threats is cause for even more concern. Even when a patch was released to remedy the Flashback Trojan, Apple waited 8 weeks before releasing it to their users. Even when Apple moves quickly to protect its users, the updates they deliver don’t always work as was the case with iWorm.
Now, I’m not saying you shouldn’t from Apple based on security concerns but you should be aware that you can’t trust Apple to protect you. Get a good antivirus like ESET or Avast. In independent tests they both do well at detecting known malware samples. Never hope for safety when you can instead be secure.