Pages

Wednesday, 16 May 2012

Kaspersky performing independent security analysis on OS X (Updated)


This post has been updated (see bottom of post) with a statement from Kaspersky Lab. The title has also been changed to reflect the new information we received.
Apple is drawing upon the expertise of security researchers from Kaspersky Lab when it comes to security on OS X, according to Kaspersky CTO Nikolai Grebennikov. In an interview with Computing News, Grebennikov revealed that Apple had asked his firm to begin analyzing OS X in order to help improve its security. The request follows the recent high-profile Flashback scare, and shows that Apple is beginning to take steps to take OS X security more seriously.
"Mac OS is really vulnerable, and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it," Grebennikov told Computing News. "Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago."
Following reports that more than a half-million Macs were infected by Flashback thanks to a then-unpatched Java vulnerability in OS X, Kaspersky Lab boldly told members of the media that "Mac OS X invulnerability" to malware is a myth. Although the statement generated grousing among the Mac-using community, it's true—security researchers have been arguing for years that Macs were only perceptibly "safer" because of their relatively low market share. It would only be a matter of time before attackers began focusing on the Mac, and Kaspersky argued last month that we have officially reached that point. "Market share brings attacker motivation," the firm said in April. "Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits."
The fact that Apple is consulting Kaspersky now for help doesn't come as a huge surprise, though. As we have learned from our own sources, Apple often brings in outside firms to present and discuss ideas for OS X and iOS. Since Mac hardware is increasingly becoming a target for malicious attackers, it makes sense that Apple would take the input from firms like Kaspersky more seriously as it prepares to move forward with its next version of OS X, Mountain Lion. Although Mountain Lion will allow users to heavily restrict the origin of software installed on their machines for security purposes, attacks like Flashback don't necessarily need users to install anything in order to take advantage of vulnerabilities. (Flashback installed itself on victims' machines via Java after users visited infected WordPress websites.) As such, malware will likely continue to be a concern for Mac users.
Apple did not respond to our request for comment by publication time.

Update: Kaspersky Lab has reached out to us to say that representation of Kaspersky's supposed collaboration with Apple in Computing News is not accurate and the company is working on having the original article changed. Kaspersky also sent over the following statement on behalf of Grebennikov:
As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods. In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware.
This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis.
Kaspersky Lab is committed to providing the highest level of security for all of our customers, including Mac OS X, and we will continue to enhance our technologies in order to meet the ever-changing threat landscape.

No comments:

Post a Comment

Disqus

Please Comment Here