With Apple users feeling a little less smug about the security of their machines after the recent Flashback/Flashfake malware outbreak, Kaspersky founder and CEO Eugene Kaspersky has even more bad news.
The head of the internet security company said that Apple is a decade behind Microsoft when it comes to security, and needs a major rethink about how it approaches updates.
Talking to tech site CBR, Kaspersky said:
I think they are ten years behind Microsoft in terms of security. For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but this one was a bit different.
For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms.
Kaspersky said that his company is seeing more and more Mac-targeted malware – no real surprise considering the growth in Mac sales – but added that Windows remains the primary target for cyber criminals.
This could all change however, as Mac’s market share grows, as Kaspersky notes:
[It’s] just a question of time and market share. Cyber criminals have now recognised that Mac is an interesting area. Now we have more, it’s not just Flashback or Flashfake. Welcome to Microsoft’s world, Mac. It’s full of malware.
Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on.
We now expect to see more and more because cyber criminals learn from success and this was the first successful one.
The internet security head honcho had already criticised Apple for their tardy response to the Flashback outbreak, accusing them of leaving their users vulnerable to attack for three months, and was keen to impress on Apple on the need to change their attitude towards security:
They will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software.
That’s what Microsoft did in the past after so many incidents like Blaster and the more complicated worms that infected millions of computers in a short time. They had to do a lot of work to check the code to find mistakes and vulnerabilities. Now it’s time for Apple [to do that].