Security Bite: Jamf warns cyber hygiene among many Apple-using businesses is ‘abysmal’
Hey, Arin here. Last week was the busiest for security so far this year. We saw an unprecedented offensive on the LockBit ransomware gang; Apple moved to make iMessage future-proof with quantum computer protection, and the topic of this week, Jamf’s new report highlighting some alarming statistics around Apple-using businesses. So, grab your drink of choice. Let’s get into it…
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
This is Security Bite, your weekly security-focused column on 9to5Mac. Every Sunday, Arin Waichulis delivers insights on data privacy, uncovers vulnerabilities, and sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices. Stay secure, stay safe.
Jamf, the popular Apple device management platform, is out with its annual security trends report for 2023. The analysis looks at anonymized real-world customer data collected from over 15 million devices using Jamf across multiple platforms (macOS, iOS, iPadOS, Windows, and Android), as well as threat research and industry events, to depict the threat landscape as it affects businesses and employees.
Key findings from the report
- 40% of mobile users and 39% of organizations are running a device with known vulnerabilities
- 20% of organizations were impacted by malicious network traffic
- 8% of organizations had a mobile device accessing a third-party App Store
- Android has 2x third-party app downloads compared to iOS
- 2.5% of devices had a vulnerable application installed in 2023
Apple-specific findings
- Jamf tracks 300 malware families on macOS and found 21 new families on Mac in 2023
- Trojans are growing in popularity, accounting for 17% of all Mac malware instances
- Phishing attempts were 50% more successful on mobile devices than on Macs
- In 2023, 3% of Apple devices had Lock Screen disabled, and 25% of organizations had at least one user with Lock Screen disabled
- FileVault was found to be disabled on 36% of devices
- GateKeeper had a 90% activation rate for App Store & Identified Developers
- Firewall feature was disabled on 55% of Macs
Some of these stats are indeed alarming but may not come as a total surprise. Earlier this month, 9to5Mac reported that the adoption of iOS 17 is moving at a much slower rate than iOS 16, which contains at least two major vulnerabilities that have been exploited in Operation Triangulation patched in 16.2 and a second zero-click used by attackers to inject Pegasus spyware that was fixed with iOS 16.6.1.
Lack of next-gen software adoption could be a driving factor behind such a large amount of mobile users running a device with known vulnerabilities. Of course, this is just iPhone. Jamf’s data lumped all mobile operating systems together for this particular analysis, so we can’t see how much Android is contributing to the 40%.
It’s a long-running misconception that Mac can’t get malware. This is certainly not true. Without getting too much in the weeds, the increase in malware targeting Mac computers is evident. Jamf reports an additional 21 new families were detected in 2023, which would be a 50% increase YoY. What is true is as Mac continues to rise in popularity, it’ll lose its strength in low numbers and become a more attractive target for cybercriminals. But the fact remains that Mac continues to be intrinsically more secure than Windows at the moment.
“The analysis, carried out in Q4 2023 and revisiting the prior 12-month period, revealed many key themes, chief among them that organizations’ cyber hygiene is abysmal and threat actors are ready to strike with the most sophisticated attacks yet,” Jamf states.
Jamf has the entire report available for download here.
How to protect yourself
- Keep your device up-to-date: Whether it’s an iPhone, Mac, or iPad, keeping the OS up-to-date with the latest security patch goodness is the first thing everyone should do. This will address known vulnerabilities that malware can exploit.
- Use antivirus software: Macs aren’t invincible to malware! I’d recommend using Malwarebytes, which provides a free app for individuals that can detect and remove possible threats. Additionally, CleanMyMac X now includes a malware removal tool powered by its MoonLock service.
- Exercise caution when clicking: Email continues to be the most popular vertical for malware. Minimal effort for criminals, maximum success. 9% of phishing attacks were successful in 2023, up 1% in 2022, according to Jamf. As you know, exercise caution when clicking any links and opening attachments.
- Enable firewall: Enabling your Mac’s firewall is the best way to prevent accepting unauthorized applications and services. This is helpful for managing incoming and outgoing connections. The firewall feature was disabled on 55% of Macs in Jamf’s study.
- Use strong (unique) passwords: Your dog’s name, followed by an exclamation, is not okay.
- Enable disk encryption: On Mac, this is called FileVault and will encrypt all user data saved to disk on the fly. This will keep sensitive information safe in case your device is lost or stolen. According to Jamf’s report, this was disabled on 36% of client devices.
- Limit user privileges: It is important to restrict user privileges to prevent unauthorized installation of software and to limit the potential impact of malware infections. See how to limit privileges on Mac here.
More
FTC: We use income earning auto affiliate links. More.