Apple Ecosystem
The Benefits of Zero-Touch Deployment
Mark Lukehart
The short answer is, yes. Macs can and do get viruses.
88% of today’s data breaches are caused by human error. The likelihood of a Mac user getting a virus largely comes down to that user’s behavior.
Key Statistics To Know:
Mac users should be cautious about what they click on, what apps they download (and from where), and who they allow access to their computers.
Like in Windows PCs, there are many common ways a virus can get into your Mac. The popular types of Mac viruses so far include spyware, adware, ransomware, and scareware. Let’s see how these malicious viruses can trick you and gain access to your Mac.
You may receive a fraudulent email or a Facebook message that looks like it’s from a well-known person or a trusted company. These phishing emails will persuade you to click on malicious links that appear harmless. Once you click on such a link, the system can get infected with malware.
There can be Word or Excel documents infected with macro viruses, which you can receive in several ways. For example, you may often get them as email attachments, via internet download, or while sharing files through a network. They can send emails containing the document to other email addresses, create new files, format hard drives, insert pictures, etc. If you downloaded and opened such an infected document knowingly or unknowingly, it will run malicious code triggering different activities in your Mac.
Mac viruses can sometimes disguise themselves as a software update. You will get the malware once you download and install the update. Trojan horses are the most popular form of computer viruses that can get into your Mac in this way. For example, the “MacDownloader” trojan horse discovered in 2017 was hiding as an Adobe Flash Update.
The victim simply visits a malicious web page and gets notified that they have an outdated Adobe Flash player. Once downloaded and installed, the system receives the harmful malware like adware or ransomware. Adware causes endless annoying pop-ups and advertisements, while ransomware encrypts files and folders in a Mac, making them inaccessible without paying a ransom.
Pop-ups are another popular way that viruses can infiltrate into a Mac computer. If you accept a sudden browser pop-up without reading it carefully, a form of Mac virus called spyware can get into your Mac. This spyware can track your internet activities, steal your credit card, banking, login, and personal information.
Suddenly, you may notice that your Mac computer is slower than usual. Otherwise, you might see your Mac freeze, or the cursor has become a spinning pinwheel indicating that it tries to achieve too many simultaneous operations. If this happens, beware; it could mean a malicious virus runs in the background silently and unknowingly.
When you experience the first symptom of your Mac getting slower, you may also notice that it is heating up more than usual, indicating that too many processes are running in the background. Overheating can happen even when you do smaller tasks. However, an overheating computer can also mean that malware is carrying out its mission in your Mac computer.
Getting bombarded with pop-ups and banner advertisements every time you do something on your computer is a sign of adware presence. Notice that you get these sudden advertisements even if you do not visit any website, and those ads will appear at any place you didn’t see them previously.
Have you ever noticed the presence of strange software that you do not remember installing by yourself? Then there is a chance that a virus has done it without your consent!
Have you noticed a sudden reduction in your available storage space? Or did you get a warning from your Mac that you do not have enough space? Then, it could mean that a virus in your computer has downloaded many unwanted files and stored them without your knowledge.
If you notice that your Mac often crashes more than usual and do not know the reason, it could also mean that a virus has infected your Mac.
Is your browser getting redirected to unknown websites, or has it suddenly changed its homepage to a spam website you have never visited before? Otherwise, does your browser crash or become unresponsive frequently? These could be signs that your MacBook has a virus.
Suppose you are not doing any heavy downloads or streaming yet noticed that your internet data had been almost unusually over. Otherwise, you see a huge spike in your internet usage. Although not as common as in the above scenarios, this could mean that your computer is consuming data without your knowledge. It may be due to a virus that downloads other software unknowingly to you.
If you notice one more of the above symptoms in your Mac, it will indicate the presence of an unwanted program or a virus. In the next section, we will discuss the built-in security features of your Mac that will protect you against virus attacks.
Having identified several ways viruses can get into your Mac and types of malware that can infect iOS, you may be wondering if it does not have proper antivirus software. Apple has its proprietary antivirus software called XProtect installed in every Mac device since 2009, which scans all applications for viruses.
Apple daily updates a threat database against XProtect scan results. If it finds any malware in a file or an application, it will prevent the download and notify you to take necessary actions. Virus scan by XProtect makes it difficult for malicious malware to install on your Mac.
Apple also has Gatekeeper, a feature of iOS that checks the validity of any app you attempt to open or install. Additionally, Mac computers have a Malware Removal Tool that scans your computer regularly and removes the dangerous files if it identifies any malware.
In the next section, we’ll see all these built-in security features of Macs that protect it from viruses and malware.
XProtect is Apple’s built-in antivirus software that examines applications of your Mac and ensures that they do not fall under the list of known malware. Xprotect uses signature-based malware detection. Apple regularly updates malware signatures and keeps the list of known malware up-to-date. You do not need any configurations to run XProtect as it is almost a hidden application that runs in the background.
Suppose you open a downloaded application from a browser like Safari and Chrome or via email or iMessage. In that case, XProtect will automatically scan whenever any application changes or when there is an update to the list of known malware. If it finds anything in the bad applications list, it will notify you, saying, “The X application will damage your computer. You should move it to the Trash”. This warning also indicates from where and when it got downloaded. In such cases, you should immediately delete that installer or file from your computer.
However, does XProtect offer enough protection against viruses? While it covers all the known malware, it may not be as powerful as some third-party antivirus software that covers a more comprehensive list of malware.
Gatekeeper is Apple’s technology that ensures you run only the trusted software in your Mac. Whenever you download an app outside the Mac App Store, Gatekeeper ensures that it is from a verified developer. If it is a download from an unidentified developer, Gatekeeper will block it and issue a warning message to you. It will also ask permission from you before opening a downloaded application for the first time.
You can allow installing only applications downloaded from the App Store in system preferences for Gatekeeper to work in this manner. You also have the option to disable Gatekeeper completely. Also, if any developer needs to distribute an app other than via the App Store, they can obtain a Notarisation ticket from Apples’ malware scanning service. Then Gatekeeper can identify the validity of the app if his app has that ticket. On the other hand, Apple will issue a revocation ticket to the app if it is malicious so that Gatekeeper can block such apps.
Not only does iOS have built-in tools for virus detection and prevention, but also it has a Malware Removal Tool that will automatically remove identified malware. Whenever it receives automatic security updates, it will remove any infectious malware already in the system and check for malware upon system restart and log in.
Your Mac computer does a good job of checking for security updates regularly. Apple automatically updates XProtect and MRT whenever it gets updated with the latest malware. Moreover, iOS keeps track of revocation tickets issued by the malware scanning service so that Gatekeeper has up-to-date information.
Sandboxing is an access control mechanism in iOS that is designed to prevent applications from accessing your user data and resources. It assumes that sandboxed applications can only access specific data and resources or nothing at all. If an app becomes malicious, it can minimally harm your computer due to this restricted access.
The T2 Chip is a technology that significantly enhances the data security in newer Mac models. The secure enclave embedded in the chip stores sensitive data like passcodes and biometric data, including Face ID, Touch ID, etc. Since the OS cannot directly access it, it can protect those sensitive data from Mac Viruses. For example, when you enter your password, the T2 Chip passes it to the secure enclave. It then verifies the password against the encrypted password it stores and returns either a true or false response to the OS. Thus, macOS doesn’t know if you entered the right login password.
FileVault 2 is a disk encryption software in Mac that prevents unauthorized data access and protects the entire drive using XTS-AES 128 encryption. The XTS is the latest model of AES, which uses two AES keys to eliminate more sophisticated attacks. When you activate FileVault 2, it will encrypt all the data in your Mac. You can activate it when you set up your Mac for the first time or through your system preferences.
Mac computers are fairly safe from outside attacks thanks to their antivirus software and other built-in anti-malware protection features. Whether you need an antivirus on your Mac depends on the security needs of your organization.
Hackers and cybercriminals are much less likely to target Mac users than PC users. Still, we shouldn’t conclude that Macs are more secure than PCs.
The reason Macs are targeted less often is that Windows accounts for over 73 percent of the operating system market, while Mac has a combined share of less than 16 percent.
With so many more Windows users to hack, cybercriminals have a considerably larger opportunity to get a return on their investment when deploying phishing and malware campaigns.
Like any other computer, Macs can and do get viruses. Updating your antivirus software and making sure you have updated to the latest updates for your browser and iOS will go a long way to keeping you virus free.
In addition to these precautions, be mindful of security pitfalls such as phishing or fake software updates which will help lower the chances of an infection on your Mac drastically.
Has your Mac ever been hacked? Let us know in the comments below!
[1, 2, 3, 4: https://www.tessian.com/research/the-psychology-of-human-error/]
[5: https://www.tessian.com/blog/employees-are-less-likely-to-follow-safe-data-practices-at-home/]