Macs, for a long time, have had a reputation of being immune to malware. This reputation isn’t entirely unwarranted but the situation has gotten a little more complicated. There are two factors that have, historically, protected Macs from viruses, trojans and other malware:
- They have built-in security measures, and
- They were far less popular than Windows PCs
MacOS, and OS X before that, have prioritised user security. Features like Gatekeeper, the Mac App Store and app sandboxing all make it harder for malware to take control of a Mac. In particular, they prevent unauthorised apps from gaining low-level access to the operating system. These features, however, aren’t infallible.
Until recently, Macs also weren’t a very appealing target for malware developers. They made up a fraction of the personal computer market. They weren’t used in large corporations which are the most lucrative target.
That has all changed to some degree. Macs now have a significantly larger share of the market. They’re also much more frequently found in big companies thanks to bring your own device policies.
The issue of malware for Macs should be considered. In this tutorial I’ll explain whether you need to be worried and what you can do if you are.
Computer Viruses and Malware
Malware, a portmanteau of malicious and software, refers to any software that compromises a users computer.
Malware can run programs in the background, steal personal information, lock down a computer and display advertising among other things. It ranges from small stuff like the Yahoo toolbar that displays ads in your browser all the way up to nationally sponsored malware like Stuxnet which compromised the Iranian nuclear program.
The word malware is often used interchangeably with computer virus although they are slightly different.
Malware is an overarching classification that includes not just computer viruses but trojan horses, worms, ransomware, spyware and heaps of other malicious programs.
Macs Can Get Malware
With such a wide variety of different threats out there, it’s no wonder that some target Mac users. Reports of Mac malware are getting more frequent.
Earlier this year Time reported on some ransomware hitting Mac users. The malware came bundled with Transmission, a torrent client. Once installed, it locked users out of some of their files and demanded they pay a Bitcoin—$400 dollars or so—to regain access. This is a common strategy for hackers looking to make a quick buck.
Last year, hackers released a compromised version of Apple’s iOS development tools, XCode, that infected any iOS or Mac apps built on the system. A few apps were even released on the App Stores before the malware was patched.
The biggest Mac malware infection happened in 2012. A Java vulnerability led to 600,000 Macs getting infected with the Flashback trojan which stole personal information.
Macs can also spread Windows viruses, they just aren’t directly affected by them.
You Probably Don’t Need to Worry
Although Mac specific malware is becoming more of an issue, most Mac users really don’t need to worry that much. There is several orders of magnitude more Windows malware out there than Mac malware. The barriers to creating Mac malware are much higher.
Windows malware is a very mature market. There are thousands of professional—although illegal—solutions for sale. If you have a few thousand dollars, you can invest in all the tools you need to modify and produce your own malware. Mac malware, on the other hand, requires far more skill to create.
Macs are still a less valuable targets than Windows PCs. If hackers are going after a specific person, phishing attacks to compromise their online accounts are a far more likely vector than trying to install malware on their Mac. With Windows PCs, malware can quickly spread to millions of machines. Macs just don’t have the same numbers.
How the MacOS operating system is structured also works against malware. With Windows, it’s far easier to gain root access. MacOS’s safeguards aren’t impenetrable, but they do make things harder for malware developers.
The Mac App Store also does a lot to keep Mac users safe. There have been very few instances where an app sold through the Mac app store has been compromised. As long as you get the majority of your apps from there and other reputable sources, you’ll be safe.
Apple is also very good at pushing out updates. Most updates are downloaded automatically and quickly installed. The days of waiting for massive Windows Service Packs are over. If you keep your Mac updated, you should be safe from most vulnerabilities.
Finally, malware has to be installed. Just browsing a website isn’t enough to infect a Mac. You actively need to download and run something. If you are careful about what files you run from unknown sources, your machine will be safe.
Take me, for example. I’m a high risk case. I work online, try countless apps each month, mess around with Terminal, access questionable sites and generally don’t go out of my way to avoid threats.
When I ran an anti-virus on my Mac for this tutorial, the only threat it found was a single browser toolbar. If my Mac is okay, yours probably will be too.
With that said, there’s still a case to be made for downloading an anti-virus and running it occasionally.
AV Test, an independent IT security institute, have a great report on MacOS anti-viruses. They put thirteen leading anti-virus apps through their paces and certified ten of them.
Of the apps they reviewed, the three they recommended most were Bitdefender Antivirus for Mac, Symantec Norton Security and Sophos Anti-Virus. Bitdefender and Norton are paid solutions while Sophos is free.
All three apps detected 100% of the threats in their test. Where they differed was that the paid apps had more features such as spam detection and firewalls and also used less system resources than Sophos.
Running an anti-virus does affect a Macs performance. With one of the paid options running, things will take about 10% longer. With Sophos, that goes up to about 20%. You probably won’t notice this in everyday life but it will also hit your battery life.
For that reason, I recommend installing an anti-virus but not leaving it running in the background all the time. Every few weeks or any time you’re downloading potentially suspicious files, run it just to be safe.
The idea that Macs are completely immune to viruses is a myth. They are, however, remarkably safe compared to Windows machines. This may change over the next few years if they continue to get more popular. Once Macs become a lucrative target for malware developers, they will be at risk.
While a Macs built in defences are great, it’s easy to supplement them with a free app like Sophos Anti-Virus. You don’t need it on all the time; just scan the Mac every few weeks and you should be safe.