April 26, 2012, 12:04 PM — Apple users have been lucky for the whole history of the company that they could avoid most malware, viruses and common attack exploits without taking the elaborate precautions required of Windows users, according to Eugene Kaspersky, founder and CEO of security software vendor Kaspersky Labs.
Windows is still the top target for hackers and malware writers, but Mac products have become popular enough to attract the kind of trouble Windows always has, Kaspersky told CBRonline.
Market share for Mac OS X machines has been increasing for several years, but is still far behind Windows.
The latest usage numbers from NetMarketShare show Mac OS X 10.6 and 10.7 with a 5.4 percent market share compared to 92.1 percent for various versions of Windows.
Following the success of Flashback and Flashfake malware outbreaks, which created botnets covering as many as 700,000 Macs, the increasing presence and virulence of malware for Macs is changing the requirements for Apple and experience for Mac users, Kaspersky said.
"Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on," Kaspersky said. "We now expect to see more and more because cyber criminals learn from success and this was the first successful one."
Because of the dearth of Mac OS viruses, Apple has gotten away with a relatively slow, careful development-and-testing process for OS patches and repairs for exploits used by malware.
Apple is more attentive, and a little faster, about responding to new threats, but are nowhere near where they need to be in order to be able to claim they're as good or as fast at countering malware than Microsoft.
Kaspersky has been vocal in blaming the Flashback outbreak on Apple's slow updates to its implementation of Java, which Flashback exploited, and for failing to recognize and respond more quickly to an outbreak as massive as Flashback.
"…Very soon they'll [Apple] have the same problems Microsoft had ten or 12 years ago," Kaspersky said. "They'll have to make changes in terms of the cycle of updates…and invest more into their security audits for software…That's what Microsoft did in the past. [Microsoft] had to do a lot of work to check the code to find mistakes and vulnerabilities. Now it's time for Apple [to do the same]," Kaspersky said.