This staggering growth in attacks on the MacOS signals that Macs are no longer safe.
We’ve all heard it from one or more users: “I run a Mac – they don’t get viruses.” The same has been said about iOS devices due to their locked down architecture.
In some ways, the statements used to be true; in previous years, malware creators were looking to do the most damage possible, and so choosing the most prominently-used business operating system made more sense.
But today, the focus for cybercriminals is targeted attacks on specific industries and companies, leveraging social engineering tactics, all in the name of gaining enough trust, access, or intel to steal data or money. But, in the case of ransomware specifically, to accomplish this, criminal organizations need OS-specific ransomware.
That means Macs and iOS devices are targets too.
According to backup provider Datto’s State of the Channel: Ransomware Report, 9% of MSPs have seen ransomware on both MacOS and iOS devices. This is a 500% increase from last year. The increase indicates that every operating system is susceptible to attack. And while the 9% seems like a small number, the fact that only 7.3% of business machines are Macs should provide some perspective on just how much a target Apple’s operating systems really are.
So, it’s official – all of your users, regardless of operating system, are potential targets of ransomware.
Organizations with a layered security strategy are relatively well-prepared for ransomware attacks. But, according to Datto’s data, 86% of victims had antivirus in place, 65% email/spam filters, and 29% pop-up blockers. It seems there’s one other part of the preventative equation that needs to be addressed – the user themselves.
Users can become a part of your security strategy if they remain vigilant, looking for potential scams, questionable emails, shady websites, etc. This is best accomplished using Security Awareness Training coupled with phishing testing to first educate your users on threats, scams, and tactics, and then testing them to see if they fall “victim” to fake phishing emails. This holistic approach to elevating your security posture empowers users to play a role in keeping the organization secure, while creating a security culture that ensures it.
No tags for this post.
Based Blockchain Network