Q: Should I be concerned about ransomware attacking my Mac?
A: Ransomware continues to grow in popularity, as a sort of “gold rush” has been underway in the cyberunderworld.
Hundreds of millions of dollars have been generated over the past couple of years, with one security firm reporting that 64 percent of the victims they surveyed paid to get their files back.
Enterprising criminals are even posting “ready-to-go” ransomware kits on the underground marketplace known as the “dark web” with offers to split the revenue with users of their code.
The complexity of these attacks continues to grow as the security world and cybercriminals face off in a high-stakes game of cat and mouse.
The bad news for Mac users
All of the high-profile ransomware attacks you’ve likely ever heard of have targeted Windows users but some of the more recent code being made available via the dark web specifically targets all of the versions of the MacOS as well.
Because ransomware takes advantage of the user more than the operating system, there are few technical barriers to creating a Mac-specific attack, because the point of entry is getting the user to do something they shouldn’t do.
The most common attack vector for Macs so far has been through infected programs that are designed to bypass Apple’s built-in security (e.g., Xprotect and Gatekeeper).
These premade ransomware packages also claim to be able to bypass detection by at least 50 different anti-virus programs for both Mac and Windows.
The good news
Unlike many of the Windows ransomware exploits that can compromise users through unpatched back doors, clever phishing scams and rigged downloads, Mac users currently can only be exploited via a rigged download.
Despite the growing popularity of Mac computers, they only account for roughly 7 percent of computers worldwide, so they still benefit from “security through obscurity.”
To further illustrate the difference in malware focus in general, one security firm puts the number that target Macs at roughly 450,000, while Windows has 23 million known threats.
From a practical standpoint, cyberthieves are always going to focus on the largest opportunity, as they’re in it for the money.
Don’t let your guard down
Having said all that, everything is subject to change. And having the “I have a Mac, so I don’t have to worry” attitude is a bit misguided: There’s a reason why Apple stopped running the “We don’t get PC viruses” commercials back in 2012.
Make sure you only get programs and apps from reputable sources. Install updates when Apple alerts you. Keep all your other internet tools (such as your browser, Java and Adobe programs) updated.
Those are important, ongoing tasks.
Every computer user should also have a solid backup process. Using an automated online backup service such as Carbonite provides an extra layer of security that will save the day, whether you’re hit with ransomware, viruses, a fire, a flood or theft.
Cybercriminals know that Mac computers are more expensive and that Mac owners statistically tend to be on the higher end of the socioeconomic scale, so keep your guard up!