New Developments

Attacks on Mac Computers Are on the Rise

Hackers are extending their efforts beyond Windows and attacking Mac users to steal money, according to the recently released Security Threat Report 2008 (PDF, 1.43 MB) from IT security and control firm Sophos. The report examines the threat landscape over the previous 12 months and predicts emerging online crime trends for 2008.

In the report, Sophos experts note that malware for Macs has been seen before, but, until recently, organized criminals have not felt the need to target Mac users given the existence of so many poorly protected computers using Windows operating systems. However, in late 2007 Mac malware was being written by researchers demonstrating vulnerabilities. At the same time, financially motivated hackers started to recognize there was a viable and profitable market in infecting Macs alongside PCs using Windows. For example, many versions of the malicious OSX/RSPlug Trojan, first seen in November 2007, were planted on Web sites designed to infect Mac computers for phishing and identity theft purposes.

"Although Macs have a long way to go in the popularity stakes before they overtake PCs, particularly in the workplace, their increased attractiveness to consumers has proven irresistible to some criminal cybergangs," says Graham Cluley, senior technology consultant at Sophos. "The Mac malware problem is currently tiny compared to the Windows one, so if enough ... Mac users resist clicking on unsolicited Web links or downloading unknown code from the Web, then there's a chance they could send a clear message to the hackers that it's not financially rewarding to target Macs. If they fail to properly defend themselves, however, there's a chance that more cyber criminals will decide it's worth their while to develop more malware for Macs during 2008."

The report also reveals that the wider use of new mobile technologies and Wi-Fi-enabled devices, such as Apple's iPhone and iPod Touch, may be opening up new attack vectors for hackers. For example, flaws have been found in Safari browsers installed on these devices, and as personal Wi-Fi devices grow in popularity, the risks could increase as well. Furthermore, the report notes that low-cost, ultra-mobile PCs, such as the popular Linux-based ASUS Eee laptop, are also likely to gain the attention of online criminals as sales continue to grow.

Another trend predicted in the Sophos report is the increase of state-sponsored "cyber snooping" claims. As the report explains, it was common in 2007 for countries to openly accuse each other of engaging in online crime, despite the fact that it can be difficult to prove where an attack originated or whether the attack was government-sponsored or the result of a hacker acting independently.

In April 2007, for instance, a large-scale distributed denial-of-service attack against Web sites in the Baltic state of Estonia was blamed on Moscow, while last December, the British secret service believed that the Chinese government was behind electronic espionage against British firms to give China a commercial advantage. Neither claim has been proven to this day.

"2008 is likely to bring more accusations, but so far there has been no actual evidence of state-sponsored cyber spying," explains Cluley. "While spying has been happening for centuries, it is important to remember that hackers are experts at covering their tracks, making it difficult to determine the exact source of an attack. There is no doubt, however, of the importance of securing critical computers inside government organizations from hackers, no matter whether they are motivated by politics, espionage, or simply money."

Finally, the report discusses the top malware threats for 2007. According to the report, Web threats continued to be the preferred vector for malware attacks last year, and China hosted more than half of all infected Web pages (51.4 percent), followed by the United States (23.4 percent), and Russia (9.6 percent).

For more information on these and other report findings or to download the report, visit the Sophos Web site (PDF, 1.43 MB).

Site Search: