Apple’s operating systems are no longer bulletproof. Regardless of end users perceptions of invincibility, a recent study has demonstrated that ransomware attacks have increased by 500% on Macs and iOS devices, despite their locked down architecture. The difference is in the criminal tactics. Cybercriminals today utilize OS- Specific ransomware to obtain trust, access, or Intel in order to steal data or money. In prior years, criminals were focused on max damage, which meant non-Apple products. Now, all users are potential targets, regardless of their OS.
Datto’s State of the Channel: Ransomware Report states that 9% of MSPs have seen ransomware on both MacOS and iOS devices. Of those, 86% of victims had antivirus in place, 65% had email spam filters, and 29% had pop up blockers. How are these criminals still getting thru? The answer is likely your own untrained users. 97% of malicious attacks trick the user through some type of social engineering scheme. Without user training, it doesn’t matter if your OS is a PC or a Mac. The user is always the easiest to fool.
Organizations that cultivate an environment of safety via layered security are strongest against attacks. Make your users part of your security strategy by providing Security Awareness Training. Teaching users to look for things like potential scams, current threats, criminal tactics, questionable emails, and fake websites improves security and decreases risk. Sending out tests like “phishing” emails to ensure users have learned to be vigilant can help identify areas of weakness where retraining is needed.