Defending MacOS Against Sophisticated Attacks


I've come from a kind of unusual background, I guess, for somebody in cybersecurity, in the sense that I started... I mean, I've been involved with the Mac platform for something like fifteen years or more, but I didn't really start getting into it in a technical way until about eleven years ago. I just started out on Apple's support forums troubleshooting, volunteering troubleshooting advice to people. And after a while, that led me to... most problems that were coming up back then, or it started to be, were when we started to see security issues like adware and things like that. And that, in a sort of roundabout way, led me to develop my own software to basically deal with all these issues, instead of answering people's questions all the time. So for about five or six years I was developing my own software and doing that, and then, about two years ago, I joined SentinelOne. Basically, they were looking for somebody who had a background in macOS security issues to help with research, and somebody who kind of knew the threatscape and had seen it evolve. So that's kind of how I got to today.

Where do we find ourselves today when it comes to macOS and sort of the state of things when it comes to security, and what's your estimation of where we are?

Generally, the Mac is a safe platform. I don't think there's a big argument about that, but I think the issue really is that there is a malware problem on macOS which never existed maybe five or six years ago. It's actually even escalated again in the last couple of years, I think, and I think part of that is to do with the fact that Macs are now often found in business environments, whereas they probably weren't. Going back five or six years, it wasn't really a popular business machine. And I think it's also that, just to use this vague general term, threat actors realized there is money to be made from Mac users.

Possibly it comes with the development of the iPhone from 2007, but the fact that people now have their Macs connected to so many other devices means they're a rich hunting ground for people who want to gather data, or adware. We also have some more targeted actors as well with the business environment. So I think the situation today really is that there are a lot more threats for Macs than there have ever been before, but I think also not a great awareness. So if you compare that to, say, Windows, you can ask even the most basic Windows user and they probably know what an AV is, probably know that they need to have Windows Defender turned on or something like that. But with Mac users, I don't generally get that sense of awareness. You know, there's this sort of general feeling that it's a Mac, it's safe by design. I think that's something that people really need to have a second think about with the kind of threats that we see these days.

It's my perception, from the folks that I've talked to, that the majority of the malware hitting Mac users seems to be adware. It's that classic "update your copy of Flash" and then something gets installed and shows ads. Is that an accurate perception on my part?

I would say so. I wouldn't like to give figures because I don't really have the data to say that, but off the top of my head, I would say probably seventy, eighty, maybe even ninety percent of the stuff I actually see on a day-to-day basis is going to be adware and its kind of cousin, which is the stuff we call bundleware, all the kind of potentially unwanted software that gets installed alongside. Say you download some software manager and you get like ten things, MacKeeper and lots of utilities that are not really of any value, that often get installed through hidden, very, very difficult to see check boxes and things like that. Crypto is also a thing.

We've had a lot of miners, cryptominers, in the last couple of years that have been showing up in detections. We see those on the rise quite a lot. And, to a much lesser extent, there's bits of spyware, data-stealing stuff, and those things that get headlines every now and again, the Lazarus or APT kind of thing, you know, very, very targeted things going after specific users. So yeah, I mean, I think that's a fairly accurate way to think about it. In terms of the general user, I think the most threats they're looking at are adware and bundleware. The other problem that I see developing is, when we look at these adware and bundleware actors, and at the reporting on them, which has been pretty proactive in the last eighteen months or so, what you see is a lot of interaction between them and a lot of swapping. So you get adware sources installing bundleware and you get bundleware downloaders that are serving up adware, and it's kind of difficult, actually, a lot of the time, to pull apart the different players. All these sort of pay-per-install kind of things, some serving adware, some of them serving genuine malware. So it seems as if there is a lot of interaction with these guys in terms of helping each other out to serve this. I mean, I just call it all malware, basically: something that the user doesn't want, doesn't know about and is not in their interests. As far as I'm concerned, you might as well call it all malware. The number of these things is what's really quite shocking. When you look at just how much more of this is occurring this year than there was last year, you know, almost exponentially, and there seem to be more players as

