IE 11 is not supported. For an optimal experience visit our site on another browser.

Hidden Security Worms May Loom in Apple's Future

This is the sixth story in a series on the future of digital security.
/ Source: SecurityNewsDaily

This is the sixth story in a series on the future of digital security.

Spectacular earnings, a commanding mobile market share and nearly $100 billion in the bank make Apple the envy of the business world. But there's a potential dark side of being the most popular kid in the class: It also makes you a target. So is the worm about to turn for Mac- and iPhone-related malware?

"Apple is gaining more market share, and like Microsoft Windows on the PC, iOS will become a larger target for attackers," said Jimmy Shah, a mobile security researcher at Santa Clara, Calif.-based McAfee Labs.

"As Apple's market share is constantly increasing, it draws more and more unwanted attention from cybercriminal groups," agreed Bogdan Botezatu, a threats analyst at Romanian anti-virus firm Bitdefender.

Global domination without tears

In the tablet world in particular, Apple has become dominant, shipping 15.4 million iPads in the last quarter of 2011 alone, according to industry researchers at IHS (formerly iSuppli). Sales of iPads were up 39 percent compared to the previous quarter, threatened only by another Apple product, the iPhone 4S, which started shipping in last October.

Still, in spite of such successes, there are relatively few attacks aimed at the iOS platform compared to Android devices. Google's Android platform experienced an astonishing 3,325 percent jump in attacks during the second half of last year, according to Juniper Networks' 2011 Mobile Threat Report, which was released last week. The report also notes that approximately 47 percent of all mobile malware was aimed at Android, followed closely by the once-dominant Java Mobile Edition.

However, Juniper points out that Apple did not make its own malware information publicly available. And some experts say the flow of malware could change direction quickly as Apple moves to make the mobile iOS and desktop Mac OS X platforms even more intercompatible.

For example, a preview release of Mac OS X 10.8, called Mountain Lion, includes iPad-like reminders and highly integrated iCloud functions to synchronize and edit documents across multiple devices.

"If a third-party developer does not secure their interaction with the iCloud service, they can open the door for attackers to take advantage and steal users' personal information or private documents and data," noted McAfee's Shah.

Software designers will have to be more vigilant in developing such applications. But right now, it is difficult for analysts to assess the potential threat.

"Researchers like myself really can't inspect 'cloud' applications like we can normal applications that are running locally on our systems," said Charlie Miller, a principal research consultant at Denver-based Accuvant Labs who's famous for finding hidden vulnerabilities in Apple's systems.

Mountain Lion adds a security feature called Gatekeeper that enables Mac users to block the installation of downloaded software from sources other than the App Store, or from unregistered software developers. Savvy con artists may still find ways to persuade users into overriding Gatekeeper's restrictions, and the security feature does nothing to block malware coming from thumb drives, optical disks or external hard drives.

The future looks bright, but...

Miller doesn't expect that Apple's mobile or desktop systems will ever face the level of attacks experienced by Android or Windows devices, primarily because all Apple iOS apps — and soon, many OS X applications — are carefully inspected before they are released to users.

The exception is when consumers decide to jailbreak their iPhones, which can leave them open to malware attacks. But even in such cases, Shah said, Apple quickly addresses jailbreaking exploits and patches them within weeks.

Nevertheless, iPhone, iPad, iPod Touch and Mac users should remain watchful.

Bitdefender's Botezatu points out that Apple's popularity means that new, legitimate software built to port business applications to iOS from other platforms can also be used to port malware. (Some Linux malware has already been rewritten for Mac OS X.) He also warns Apple users to be careful when surfing the Web, where platforms matter less and software is often written to be universal.

"The iPhone fully supports HTML5, including features such as Web Notifications," said Botezatu, "which allows cybercriminals to create fake pop-ups and warnings, impersonate forms and deliver more convincing scams straight through the browser."

Other stories in this series: