Last updated: August 3, 2011 2:00 am
Security concerns for Apple servers
By Joseph Menn in Las Vegas
Companies relying on Apple servers might be more susceptible to the most harmful type of cyber-attacks than those with Windows set-ups, research to be presented at the Black Hat security conference on Wednesday suggests.
Though a far lower proportion of Apple laptops and desktop computers become infected with malicious software than do their Windows PC rivals, a sophisticated hacker would find it easier to roam through an Apple network once inside, the report finds.
Hackers claim Apple security breach
Threat ends Mac users’ comfort zone
Apple Macs hit by scareware attacks
Apple open to lawsuit over data collection
In depth Apple
Researchers from consulting firm iSEC Partners showed the Financial Times an advance copy of their presentation to the conference, which begins in Las Vegas on Wednesday.
Apple did not respond to questions about the report.
A unit of NCC Group, iSEC advises clients including Google, Facebook and four of the five largest US commercial banks on security. The team said that while the security of Apple’s Mac OS X operating system for individual computers had improved with new versions, infections were no longer unheard of. This year, Apple issued a series of security updates to its software as it battled with distributors of fake antivirus programs who tricked some Mac users into downloading and installing their wares.
Just last week, Microsoft, which makes Windows software, reported that it had discovered that a Mac version of a program for stealing passwords, called Olyx, now exists.
Company IT departments increasingly assume that one or more computers under their watch will become infected at some point. Hackers use personalised e-mails with malicious attachments that can appear to have been sent by a friend or colleague, or previously unknown software that security scans will not detect, or both, as in the recent attacks on security firm RSA and the International Monetary Fund.
For companies with something of value to protect, the test is what happens next. In what have been termed “advanced persistent threats”, hackers typically try to move through the information networks, taking control of administrator or executive accounts and increasing their levels of authorised access.
Windows-run servers had been retooled to make that more difficult, said iSEC researcher Alex Stamos, but Apple’s server software is lagging behind.
Among other measures on its servers, Microsoft enforces the use of one set of encryptions, which are difficult to crack. But Apple had multiple pieces of server software with five different authentication systems, Mr Stamos said, all of which can be broken.
Apple’s server security was not as critical if corporate technology departments kept Macs isolated from the network. But, as Apple’s share of the business market has increased, more companies have added Apple server software and treated the desktop computers as part of the network.
AI
