Kaspersky CEO says Mac security is 10 years behind Microsoft

By on April 26, 2012, 4:30 PM

Eugene Kaspersky of security firm Kaspersky Lab has said that, in terms of computer security, Apple’s Mac is at least 10 years behind Microsoft. The CEO feels that Cupertino could learn a lot from Microsoft and will have to revise the way it approaches security updates following a string of recent malware attacks.

Speaking exclusively to CBR at Info Security 2012 in London, Kaspersky said that the recent Flashback malware attacks are likely just the start of a new wave of attacks aimed at Macs as the platform becomes more popular. He has been saying for years that from a security point of view, there is no difference between Mac and Windows.

He goes on to say that his company has been seeing more and more Mac malware and with the recent outbreaks, it’s just a matter of time and market share. Cyber criminals have learned from the outbreak and will use that knowledge in future attacks. The bad guys will still primarily target PCs since they outsell Macs by a large margin but the days of not having to worry about a security threat on the Apple OS are numbered.

"They will understand very soon that they have the same problems Microsoft had 10 or 12 years ago," Kaspersky said. "They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software."

If you haven’t been keeping up, a Mac malware known as Flashback infected more than 600,000 machines worldwide earlier this month with 56 percent of the infections in the US. Apple was criticized by many for not releasing a fix and removal tool fast enough as several security firms, Kaspersky included, released fixes ahead of Apple’s official patch.




User Comments: 34

SNGX1275, TS Forces Special, said:

Of course they want to say that, so they can sell you their antivirus software.

I really doubt Macs are going to "have the same problems Microsoft had 10 or 12 years ago," 10 years ago XP was only a year old and IE was huge and full of security holes. The OS is fundamentally more secure than XP is (and especially compared to XP 10 years ago).

Now, I'm not saying that Macs aren't going to see more malware, but people have been saying that for years. I'm sure Macs will be attacked more, but this guy has an agenda, and that agenda is to sell Mac users his company's AV.

TadMSTR said:

Yes he may be a bit biased when it comes to computer security but he has a point. Apple is fairly slow when it comes to addressing security issues. As for his agenda, he is a security professional and commenting on security issues in an OS kind of makes sense. If he sells his product because of it, good for him. I use their Internet Security suite on several systems and it's really quite good. Lately I've seen promos on Newegg to get a free copy after rebates.

Guest said:

Is anyone actually surprised? Macintosh security is absolutely pathetic.

Guest said:

This agenda also seems to be Techspot's ;)

Kaspersky is simply wrong to compare Apple's current OS X to Microsoft XP of 10 years ago in terms of security. With the locked down AppStore becoming the primary provider for applications and numerous other security features in OS X that XP simply does not have it really does make it sound like FUD to sell to the Mac crowd.

I'm sure Kaspersky is anxious to capitalize on the rising star of Apple and especially while MSE and other free versions on Windows are starting to eat away at their profit$.

Guest said:

Someone commented that mac security is pathetic. I play your game. That is why Windows micro **** soft automatically comes with 65535 open ports. It also comes with an open access file system. Where osx comes with all ports stealth or closed and a file system that has the following security. No access to files. Three sets of access rights to each file and directory. System read, write, execute flag. Admin read, write, execute flag, and everyone read write execute flag. But we are still 10 years behind. Behind what. You having no access so holes are irrelevant? For you need access rights to even sneeze. Nice. I love how anyone can hack a mac if they are physically sitting by it. Good luck with borrowing my lap top. By the way I close my lap top and you need a password to re enter my os. Good luck with hacking after you stole it. You got about one hour before I remotely wipe it. Also the password to hack will take you a couple of hundred years since it is a phrase in random order. You need to jump into a black hole to make time last you longer. Or shall I say to buy yourself time.

insect said:

Perhaps he meant 10 years behind in experience, not technology or practices. MS has been dealing with constant attacks since Windows 98 and even more so with XP. Now it seems that the holes are filled during the normal 1-week patch cycle or less (if severe enough).

I'm not sure Mac could do that if they wanted to. It will take them time to figure out the best way to implement such practices, again, assuming they want to.

SNGX1275, TS Forces Special, said:

Insect - that's a good point. I didn't get that impression from the tone of the article, but I suppose when you really look at the facts like the Guest above you said (compared with how XP was 10 years ago) your take on it makes more sense.

I fear Apple doesn't want to put in the task force behind a big malware division because they think they can evolve their way out of it (sandboxing in 10.8). Even if sandboxing does evolve Apple out of the need for a malware division, that won't fix 10.7 or 10.6 or earlier.

lawfer, TechSpot Paladin, said:

Got to love TechSpot's now constant, though "unintentional" paraphrasing of titles.

Guest said:

I love it when an article comes out like this and all the mac people jump to defend their crappy outdated junk using any means possible. Those of us in the real world of security who run into this every day eventually just get tired of arguing with you ****** and let you say whatever you want. Welcome to the real world.

Lionvibez said:

Someone commented that mac security is pathetic. I play your game. That is why Windows micro **** soft automatically comes with 65535 open ports. It also comes with an open access file system. Where osx comes with all ports stealth or closed and a file system that has the following security. No access to files. Three sets of access rights to each file and directory. System read, write, execute flag. Admin read, write, execute flag, and everyone read write execute flag. But we are still 10 years behind. Behind what. You having no access so holes are irrelevant? For you need access rights to even sneeze. Nice. I love how anyone can hack a mac if they are physically sitting by it. Good luck with borrowing my lap top. By the way I close my lap top and you need a password to re enter my os. Good luck with hacking after you stole it. You got about one hour before I remotely wipe it. Also the password to hack will take you a couple of hundred years since it is a phrase in random order. You need to jump into a black hole to make time last you longer. Or shall I say to buy yourself time.

Hey boss news flash

A router will stealth all those ports and I rarely see anyone that has a computer connected directly to a modem without a router.

And while you have some good points. They are correct Apple is slow with updates, and having a user base that lives in a fantasy land that believes they will never get infected is just a disaster waiting to happen.

Guest said:

yeah when it comes to mac security who should I trust? The Kaspersky guy or just your average Apple fanboy? Yeah I'll go with the Apple fanboy - at least he is not biased towards Apple product right?

Guest said:

You may find that out of the box Macs do not have the firewall enabled by default and also Stealth mode enabled... I have 2 Macbooks and a Mac-Mini. I also run the FREE Sophos anti virus soft. from day one.

gwailo247, TechSpot Chancellor, said:

With the locked down AppStore becoming the primary provider for applications and numerous other security features in OS X that XP simply does not have it really does make it sound like FUD to sell to the Mac crowd.

In your zeal to defend your bearded idol, you must have neglected to read the last paragraph of the article. The part which said that 600,000 machines were infected with a recent malware attack. So it's not really FUD to address the apparent lack of security, and the definite lack of response from Apple, when one of the biggest Apple infections to date (from what I know) has just occurred.

Apple still has not moved away from the Justin Long "Macs don't, CAN'T, get viruses" era, so when any kind of malware or virus appears, they wait two weeks before they acknowledge there is a problem.

Their mindset, if nothing else, is what Kaspersky is talking about. MS knows they get viruses, and they patch out problems on a weekly basis. Apple knows that its marketing strategy depends on the public's PERCEPTION that Apple computers cannot get any kind of virus, and so their strategy is like that of the government. Deny any problem until the evidence is so incontrovertible that you have to do something...two weeks late, after the damage has already been done.

Guest said:

Ignorance I say!

Zen, TechSpot Paladin, said:

Apple knows that its marketing strategy depends on the public's PERCEPTION that Apple computers cannot get any kind of virus.

Wow, I really never looked at this whole people's perception thing in regards to Apple computers. I guess it does make pretty much close to perfect sense for Apple to want the public to think in these terms. And I could see if the public joined the census that Apple had created, that it would go good for Apple computer sales. Well, this perception thing is something that I might have to integrate into my thinking, especially when dealing with clients, who might want to turn into Apple "fanboys" and "fangirls" all on the notion that Apple systems can't get viruses and are 100% virus free.

Side Note - Didn't this whole perception thing have some pretty bad conclusions about 100 years ago? Today most are saying Apple products can't get viruses or come under attack or will always be 100% virus free, basically saying that if the Apple O.S. was an ocean liner, that ocean liner would be virtually unsinkable!

Can we say "R.M.S. Titanic"!

DanUK said:

HAAAAA no surprises here. Need to post this to some of my arty "mac is invincible" friends. I've been saying this for a while now but they refuse to believe -___-

Guest said:

Anyone saying a system is 100% safe lives in Lala land. The only system I would say is safe would be a computer with no power supply in my closet, and even then I would not bet my life on it ;)

So with all of the fanboys out there saying Mac is foolproof, I guess Apple is in Lala land.

Rick, TechSpot Staff, said:

Got to love TechSpot's now constant, though "unintentional" paraphrasing of titles.

I won't dig *too* deeply into what you said, but the reality is there is *one* "news" item here: some suit at Kaspersky says Macs are 10 years behind in terms of security.

Shawn's title lets you know exactly what the article is about.

In a vacuum, most people would come up with some variation of that very same title. If you want to effectively summarize the content of an article and make it fit with a limited number of letters, certain words *will* be used. CEO, Kaspersky, Apple/Mac, Microsoft/Windows, Security and 10 years. Titles can be only so creative and unique.

Source title: Apple '10 years' behind Microsoft on security: Kaspersky

Cnet title: Kaspersky: Mac security is '10 years behind Microsoft'

TS title: Kaspersky CEO says Mac security is 10 years behind Microsoft

I'd like to point out, out of all those three, the one from TS actually goes through the trouble of mentioning CEO. If anything, Shawn did a good job with the title. It's provocative, completely true and specific enough you don't even have to read the article to know what the primary issue is.

Marnomancer said:

Obviously a marketing strategy.

Rick, TechSpot Staff, said:

Obviously a marketing strategy.

Yes, I totally believe so. What the CEO said is pretty incendiary and Kaspersky is getting a lot of eyeballs because of it.

Guest said:

Mr. Eugene Kaspersky should have a look at this [link]

mario, Ex-TS Developer, said:

If you haven't been keeping up, a Mac malware known as Flashback infected more than 600,000 machines worldwide earlier this month with 56 percent of the infections in the US. Apple was criticized by many for not releasing a fix and removal tool fast enough as several security firms, Kaspersky included, released fixes ahead of Apple's official patch.

Yep sure Apple didn't release a fix for it fast enough and they didn't get number of infected machines to less than 30k in a week, I didn't see that covered Shawn!

Guest said:

The only malware I know is Windows, and my Mac doesn't have it.

Guest said:

Lol what you have done Kaspersky. You hurt Mac Fanboises feelings.

Shame on you! hehehe

cliffordcooley, TechSpot Paladin, said:

The only malware I know is Windows, and my Mac doesn't have it.

Lol what you have done Kaspersky. You hurt Mac Fanboises feelings.

Shame on you! hehehe

If they are going to be as naive as the guest in the first quote, maybe they need their feelings hurt.

lawfer, TechSpot Paladin, said:

I won't dig *too* deeply into what you said, but the reality is there is *one* "news" item here: some suit at Kaspersky says Macs are 10 years behind in terms of security.

Shawn's title lets you know exactly what the article is about.

In a vacuum, most people would come up with some variation of that very same title. If you want to effectively summarize the content of an article and make it fit with a limited number of letters, certain words *will* be used. CEO, Kaspersky, Apple/Mac, Microsoft/Windows, Security and 10 years. Titles can be only so creative and unique.

Source title: Apple '10 years' behind Microsoft on security: Kaspersky

Cnet title: Kaspersky: Mac security is '10 years behind Microsoft'

TS title: Kaspersky CEO says Mac security is 10 years behind Microsoft

I'd like to point out, out of all those three, the one from TS actually goes through the trouble of mentioning CEO. If anything, Shawn did a good job with the title. It's provocative, completely true and specific enough you don't even have to read the article to know what the primary issue is.

I was kidding, didn't think my comment would get picked out of the myriad.

I am not always up for arguing or debating (as interesting, necessary or satisfactory as it may be) you know!

Guest said:

Mr. Eugene Kaspersky should have a look at this [link]

You do know that is a false analogy right? Right? Servers have, from the beginning, taken security very seriously. Second, no one does viruses, malware, trojans, etc to simply shut down a system. The object has always been to make money. Servers won't do that for you unless you're the one running the server. This is simple to understand, server security is a serious thing; ten years ago a server's encryption was running at 256k and today they are much better. And just because it took more macs than the previous predictions said were needed to be targets means nothing. Of course, feel free to fanboy this issue as hard as you want. I'm sure you're right. So go ahead, and keep your personal info on your mac, and don't bother with the virus checker ... even the free ones like Kaspersky. You did know that Kaspersky has a free, non-trial, version, didn't you?

Guest said:

I don't know about 10 years behind. But I do have to say, this is a premature statement, look at the whole computing world. How many run Windows? In 2011, according to User Agent IDs it was said Windows account for ~81% of Internet users, 8% for Mac, 2% for Linux. So as a malicious hacker, who would you target? Now that Macs have hit primetime and more and more people are 'switching' the flaws are being exposed. Same with Linux, though once I heard, don't s*** where you stay, meaning do not expose your own base. So really, has OS X really had as much exposure to the hacking community as Microsoft has?

Guest said:

1. "Symantec still counts hundreds of thousands of Windows machines infected with Conficker, for instance, years after that 8-million strong botnet was detected."

2. "In January 2009, the estimated number of infected computers ranged from almost 9 million[6][7][8] to 15 million.[9] Microsoft has reported the total number of infected computers detected by its antimalware products has remained steady at around 1.7 million from mid-2010 to mid-2011.[10][11]"

Kaspersky counted a mere 45,000 active machines on Tuesday and just over 30,000 so far Wednesday, numbers that imply that Apple's first major malware infection is all but over.

Apple is 10 years behind Microsoft in terms of infections, not security practices. Apple USER security practices is what is behind 10 years. It is obvious that the threat is real and it's time for Apple users to get a free AV suite and let the security professionals handle the immediate response. AV suites are not what they used to be.. resource hogging garbage. They have really come a long way, don't be scared to run one, and don't let arrogance stop you either.

All the fanboy talk is childish and just plain ignorant. Why would someone hate someone who is a fan of something else? Because you are a fan of Windows? Who cares. If you dislike Apple because you run Windows, why would you take the time to post on something that is irrelevant to you? Childish trolls.

Guest said:

FANTASTIC move from KASPERSKY!!!... now their sales of KASPERSKY Anti-Virus Mac Edition are going through the roof

Guest said:

I am a former Apple employee (Specialist, Expert and Genius), and I can attest to the fact that Macs have pathetic security.

During 2009, I and others at the Genius Bar were stumped by Macs which continuously kernel panicked at boot, and it was impossible to reinstall Snow Leopard onto the hard disk as the disk was not detected. By pure accident, we were able to detect and format the drive in Windows, after which we could again partition the drive as HFS+ and reinstall Mac OS onto it.

As the problem became more and more frequent, further investigation revealed that the error was caused by a malware rootkit residing in the operating system. The malware had modified the Mac OS kernel and added a keylogger in the system... however, in most cases this caused the OS to become unstable, and hence the kernel panicking at boot. The reason why we could not reinstall Mac OS onto the drive was because the installation uses the 'latest' kernel found on disk for the installation, so as to be up to date and require less point updates, which in this case was the tampered with kernel.

After servicing such infected Macs, some of us informed the customers and advised them to use discretion while browsing the web, and they in turn went to our manager and demanded to know why the Geniuses/Techs were claiming that their Macs had a virus when they were (mis)informed that Macs could never get them.

Those of us who did our duty and informed the customer were fired.

It was deja-vu when we saw the same thing happen with the Mac Defender trojan. While Apple had admitted that Macs CAN in fact be infected by malware, they shift the blame to various parties and don't take responsibility for their inability to release patches in a timely manner. They also pathetically downplay the impact of malware on Macs... as well as their own insecurities.

Lion is by far the least secure OS in existence, and is responsible for the growing number of Mac intrusions since July 2011. In fact, the number of Mac infections and intrusions from July-December 2011 had surpassed that of Windows PCs.

Windows has the tools to combat malware infections, and 'new' viruses are just variants of existing ones, and easy to purge. Most Mac malware infections are zero-day, and Apple's only response is to release a fix in the form of a new operating system they can charge people for (Mountain Lion), which has the ability to prevent software installations from titles not downloaded from the App store and associated with a user's Apple ID. They DO know people can generate false digital signatures too right? This to me is more of a licensing recoup rather than a malware fix, as piracy is much more rampant among Mac users than PC users... and Gatekeeper will only prevent people from installing titles they downloaded from torrents or procured from friends.

SNGX1275, TS Forces Special, said:

^ Citation needed on much of what you said. You peppered it with enough truth to be plausible, but provide some evidence. Also XP is also still widely in use, so Lion is by far NOT the least secure OS in existence, and it is more secure than SL or Leopard (or so I believe, cite it if you can prove otherwise).

Windows also has Flame, perhaps you should read some on that.

Also citation needed on piracy on Mac vs PC.

If you run pirated software, you assume the risk, I think that is a given if you pirate stuff regardless of the OS. Once you start using a root login to approve stuff, all bets are off.

Guest said:

^ If you can provide me with your email address, I can do better than citations; I have facsimiles of emails and memorandums sent during my tenure with Apple. I would post them online, but past attempts to do so resulted in the images being taken down and any account associated with the image banned.

We were under strict policy at that time to censor all mention of Mac malware, and in infected systems we were able to clean, we reported to the customer that the "virus" symptoms were in fact caused by a setting the user may have unwittingly changed, and that the Genius Bar had rectified that.

Windows XP, when brought up to date and is used behind a firewall, is much more secure in a corporate setting than Mac OS X Lion likewise at the latest point update and behind a firewall. It was unfortunate that Steve Jobs' death came just as Lion's remote intrusion, LDAP and other vulnerabilities were discovered, and news of the former overshadowed the latter.

Prior to Lion, the very architecture of Mac OS X was what made it insecure, albeit its lower market penetration was what made it safe. I encourage you to set up a small network of Windows and Linux PCs and monitor it via Wireshark. Then connect a Mac and see what changes occur over the network. While Mac OS X is loosely based on the very secure BSD, for some reason the Mac will randomly broadcast and attempt to intercept packets not destined for it. If someone released a rogue/orphaned packet in the network, or the Mac was connected to the Internet without a firewall or a NAT router, it would be highly susceptible to intrusion... hence very much insecure, but until now, the lack of interest in compromising systems with low marketshare and lower enterprise value is what made the Mac safe.

Snow Leopard post 10.6.6 is much more secure than Lion at launch, although I have not kept up afterwards. Most of the articles I've been reading have been published by Symantec, Kaspersky, TrendMicro and F-Secure. By the way, my earlier comment about Lion infections surpassing that of PCs was meant for detections made in the same period of time, not in total/throughout history.

I've heard of Flame, and like Stuxnet I believe it was a government sponsored project that probably won't affect me. I don't agree with that practice, especially if the source code was somehow obtained, but neither does its existence make Windows less secure than Mac OS. Security is about the architecture of the OS; safety is about its likelihood of being attacked.

Operating systems in general, from the most secure to least, are as follows:

1. BSD and other closed-source UNIX operating systems

2. corporate distributions of Linux (eg. Red Hat)

3/4. Windows (Vista and later) and public distributions of Linux (eg. Ubuntu, Mint)... they leapfrog over each other in terms of security, but Linux is often the safer choice.

5. Mac OS X (terrible architecture as I've touched on above)

Guest said:

Good luck with borrowing my lap top. By the way I close my lap top and you need a password to re enter my os.

No we don't. You have an IEEE 1394 port, we have direct access to all of your system memory. That's how it works.
