Hello everyone! I am in the cybersecurity industry for almost 8 years now. Through all these years, many people had asked me topics related to security. One of the most common belief is that MacOS is much more secure that Windows OS. Some even think that it is "hackproof" or free from malware. Today, I am going to discuss this topic and hopefully this article will serve as a reference to anyone who asks me similar questions in the future 😎.
What is MacOS?
To understand how secure is MacOS, we first have to know what it is. If you take a look at the history of MacOS, it is actually based on Unix.
Source
Unix as an operating system is really built with security in mind. In this article, the author discussed the fundamental difference in design principles between Unix and Windows and he says,
These differences in the design and relative security of Unix and Microsoft OSs illustrate a distinct difference in philosophy between them. Unfortunately, the difference appears to be that where Unix has a philosophy of security built into the fundamental design of the system by default, MS Windows has a philosophy of "Who cares about security?"
With the file level permissions, sudo and su permissions restrictions, Unix is indeed much better designed for security in a multi-users environment. (At this stage, I will like to point out that Windows security has also improved drastically with the introduction of Windows 10.) However, this does not mean that Unix is virus-free and hackproof. In fact, the first computer worm, Morris Worm, was written to target Unix-based systems. By extention, it will be foolish to think that MacOS is virus-free.
Recent Vulnerabilities on MacOS
I got reminded of this topic because of a recently discovered vulnerability on MacOS. The vulnerability, coined as "KeySteal", opens a door to steal all passwords in your Mac’s “login” and “System” keychain, which leaves you wide open to attack even if you have security measures like Access Control Lists and System Integrity Protection using Apple’s latest T2 security chip. Here is a video of the vulnerability being exploited,
Vulnerabilities in MacOS's Keychain function is not new, a similar one was discovered in 2017. Besides the weakness in its Keychain security, the latest version of was found to have a vulnerability which allows bypass of its privacy feature. This vulnerability, though already fixed, was found almost immediately post release. This goes to show how easy it is and how interested security researchers (and hackers) wants to break the security on MacOS.
Besides the 2 more prominent vulnerabilities, there are dozens of vulnerabilities discovered in 2019 alone. You just need to head over to CVEDetails.com to view them. CVE is short of "Common Vulnerabilities and Exposures". It is a database of vulnerabilities found by security researchers all over the world.
Conclusion
For the past decade, MacOS had benefited mainly from "security through obscurity". As the user base is low compared to Windows, and most companies issue Windows-based PCs to their employees, there wasn't much incentives for hackers to exploit MacOS. In the past, hackers mostly take the path of least resistance and aim to do less work for the most reward. Therefore, writing viruses and other malware for Windows made the most economical sense.
Lately, attacks have become more targeted. There are probably many high-value individuals who are using MacOS and increasingly, we are seeing MacOS used in corporate environments. As a result, we can expect more focus from hackers to target MacOS. The bottomline is not to be too complacent and take security for granted just because you are a Mac user. No system is 100% hackproof.
Thanks for reading! Do share your thoughts and let me know which operating system you are using.