The security firms FireEye and Symantec have projected that cyber criminals will increase their cyber-attacks on Apple devices in 2016, based on the doubling of iOS malware this year and the increased security vulnerabilities of Mac computers. However, the number of hack attacks on Apple products including iPhones, iPads, and Macs is still fewer than those on Microsoft’s Windows OS and Google’s Android devices.
Symantec’s researcher Dick O’Brien reported that the number of attacks on Apple is on the whole related to increased sales of its devices. That includes its smartwatches, smartphones, tablets, and laptops. For example, Apple sold a record-breaking 5.7 million Macs during Q4 of this year. However, the number of malware-infected OS X computers was seven times higher during the first three quarters of this year than during all of 2014, according to Cult of Mac. Symantec reported that several of the Mac infections are the result of “grayware,” which is non-malicious apps that do harmful actions such as tracking users’, according to Quartz. This year the number of new threats to the Mac OS is 10. O’Brien pointed out that Windows desktops are attacked much more often than Mac computers. Apple devices are still fairly safe, but users should be careful about security vulnerabilities. Meanwhile, Android devices are the target of the vast majority of malware attacks, at 96 percent. In addition, last year 17 percent of Android “apps” were in fact malware. However, FireEye’s Chief Technology Officer Bryce Boland shared that cybercriminals are finding new security holes in Apple devices. He also predicted more hack attacks in 2016. Both Symantec and FireEye projected that Apple Pay could also be the target of hack attacks in 2016. However, there has been no breaking news yet.
Cyber criminals are increasingly targeting Apple devices like iPhones and iPads as these products gain popularity among consumers across the globe, including India, says a report by security solutions firm Symantec. Besides, 2016 could see more attacks on the iOS platform that has been perceived to be “free from malware” in the past, it added. “Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 percent of global smartphone shipments and 7.5 percent of global PC shipments. “This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing specific malware designed to infect devices running Mac OS X or iOS,” according to Symantec Director Solutions Product Management (Asia Pacific and Japan) Tarun Kaura.
He added that although the number of threats targeting Apple operating systems remains quite low when compared to the company’s main competitors like Windows and Android, the amount uncovered has grown steadily in recent years. “In tandem with this, the level of Apple-related malware infections has spiked, particularly in the past 18 months. Should Apple’s popularity continue to grow, it seems likely that these trends will continue in 2016. “Apple users should not be complacent about security and change their perception that Apple devices are “free from malware” – this perception opens up opportunities for cyber criminals to take advantage of these users,” he said. He added that security researchers have also given a greater focus on vulnerabilities in Apple software with a number of high-profile flaws uncovered in the past year. The findings are a part of Symantec’s predictions for 2016. The number of iOS malware threats discovered to date, though small in number, has begun to increase with seven new threats discovered to date in 2015, up from the previous high of three in 2014. These threats span from ordinary cyber crime gangs branching out to Apple platforms, to high level attack groups like the Butterfly corporate espionage team that infected OS X computers in targeted organisations, Kaura said.
Talking about the government and enterprise segments, Kaura said cyber attacks on critical infrastructure and Internet of Things (IoT) points could also increase. “We have already seen attacks on infrastructure and in 2016 we can expect this to continue to increase. Motivations for critical infrastructure attacks are both political and criminal, with nations and political organisations operating cyber-warfare campaigns, and criminals attacking for profit or ransom,” he said. The industrial IoT is becoming more connected due to requirements and demand for reporting and improved functionality through connectivity with additional services. “These changes introduce bigger attack surfaces into the more traditionally hard to secure environments,” Kaura said.