Tech Insight: Are Macs Really More Secure Than PCs?
Apple Macs have long had a reputation for being more secure than PCs but where does this idea come from and is it really the case?
How Did It Start?
Apple itself supported the idea that Macs didn’t get computer viruses until (in 2012) it was noted that the claim was removed from its “Why You’ll Love a Mac” web page.
There are also successions of fan-like owners who, judging by their online comments and based on their own experiences, would support the idea that their machines have never had a virus. Historically, more ‘user-friendly’ and more aesthetically pleasing, Macs were also the domain of those in design professions and/or ‘non-techie’ people rather than those using banks of much lower priced PCs as daily office workhorses and business tools that required them to be online more often, getting more exposure to viruses and threats.
Although less technical users may find the macOS platform easier to navigate and to keep safe, this can lead to perception that few safety precautions need to be taken, thereby weakening safe user behaviour.
There are far fewer Macs in use than PCs. For example, looking at the OS market, although macOS’s share grew from a tiny 2.26 per cent in 2003 to more respectable 10.18 per cent July 2019. This could mean that:
– If Windows accounts for 90 per cent of the market, it makes sense for cyber criminals to target the majority, and that this could mean that there are fewer Mac-focused cyber threats.
– If there are fewer Macs, owners may simply be enjoying a degree of ‘security through minority’.
Apple’s macOS is based on Unix. This is generally accepted as being more difficult to exploit than Windows. That said, the level of security for Apple’s macOS may depend on which version it is.
Macs Under Attack
There is (what appears to be) a mistaken perception that Mac’s don’t get viruses. In fact, contrary to popular belief, now that Macs are becoming more popular, they have become more of a target for cyber criminals. Examples of Mac threats include the Flashfake botnet, the Koobface worm, and Mac Defender malware, Silver Sparrow malware, Pirri/GoSearch22 adware,ThiefQuest/EvilQuest ransomware and LoudMiner/Bird Miner crypto-mining software.
Larger Threat Growth For Macs
As highlighted in the Malwarebytes (annual) State of malware report (February 2020), the growth in attacks on Apple endpoints is outpacing the threats targeting Windows machines. Kaspersky figures also show increasing dangers for Mac users. Early last year, Kaspersky reported that two years on from its detection, Shlayer Trojan malware attacks one in ten macOS users, and it accounts for almost 30 per cent of all detections for the macOS.
In comparison to Windows users, Mac users seem to suffer less from threats that exploit system vulnerabilities without the need for downloads.
Speed of Security Fixes
In the past, there have been reports of Apple being slow with security fixes (e.g. its patch for 2012’s Flashback exploit taking almost 50 days to be ready for distribution) to macOS users and even then, only being made available for those running macOS Snow Leopard and macOS Lion. If there has been any lack of urgency in the release of security patches and updates for the macOS it may simply have been down to a historically lower threat presence compared to PCs.
In the light of the increasing rate in attacks on Macs, Apple’s Safari browser has been updated to block ads and (unwanted) pop ups. However, third-party browsers like Google Chrome and Firefox may be considered to be more secure, especially against the newest threats, because Safari appears to have a slower update cycle.
Threats To Both
It should be remembered that both Mac and PC users also share common threats which aren’t linked to which flavour of computer an OS they have. These threats include phishing scams and other social engineering attacks, spam, human error of the Mac or PC user, and the threats of theft or loss of the Mac or PC.
Whether a Mac or PC user, clicking on a link or downloading an attachment in a suspicious email can mean an equal risk of falling victim to malware.
Mac and PC users should always take precautions to reduce the risk of viruses and attacks. These include:
– Keeping anti-virus software up to date and making sure that all the latest patches and updates have been installed.
– Not clicking on suspicious links or downloads in emails.
– Making sure that (staff) users are aware, educated and trained in spotting and dealing with cyber threats, scams, social engineering attack behaviour (on and offline) and more.
What Does This Mean For Your Business?
Macs and PCs are both vulnerable to attacks and threats and the increasing popularity of Macs means that threats towards them are growing. Users of both Windows and Mac operating systems should always stay up to date with measures that ensure that their systems are protected and should make sure that staff are educated, trained, and motivated to spot and deal with threats in the right way.
Mac users may can check the advice on Apple’s website about features (found in System Preferences) that help protect Macs and the personal information of users from malicious software/malware, such as that embedded in harmless-looking apps. See: https://support.apple.com/en-gb/guide/mac-help/mh40596/mac