Apple and the myth of the impregnable ecosystem
19 02 2019
With its locked ecosystem and skilfully orchestrated communications, Apple is fine-tuning its image as the unassailable fortress. But when it comes to cybersecurity, nobody is invulnerable.
“What happens in your iPhone stays in your iPhone”. People attending the CES were met with this message, in white letters, on a huge black billboard covering 13 floors. A major communications operation by Apple to publicise its ecosystem and present itself as a staunch defender of privacy. Alas, a mere three weeks later, the company was forced to admit to a major security loophole on FaceTime which meant that iPhone conversations could be listened to without the users’ knowledge. This was immediately followed by the news that MacOSX was infected by CookieMiner, a malware that hacked and stole cryptocurrencies held by its victims. And after the discovery of a Zero Day vulnerability on the new version of macOS, Mojave, the start of 2019 alone confirms that, when it comes to security, nobody is invulnerable. Not even the apple brand.
The myth of Apple’s inviolability
Apple, however, has long been considered to be a tamper-proof system. There are three main reasons for this myth, according to David Gueluy, Innovation leader at Stormshield. “Historically, Apple was initially exempted from attack because it had fewer users than Microsoft and therefore was not a prime target. Next, Apple’s closed ecosystem creates the illusion of control and immunity to attacks. Finally, privacy protection has become a selling point for Apple, who make a lot of references to it, thus reinforcing in people's minds an association between Apple and the concept of security.”
But, for several years now, Apple has repeatedly been a target for attacks. The successes of the iPhone and MacBook have boosted the number of Apple ecosystem users and their profile – mostly CSP + and VIP – is sharpening appetites. “Cyberattacks are often financially motivated,” says David Gueluy. As a result, the vulnerability discovered on Apple's products is on the rise, sometimes attracting significant media attention, such as the 2014 iCloud hack, when several Hollywood stars had their data compromised and their privacy violated. “The iCloud case is emblematic because it reminds us that security is a global issue: we tend to think mostly in terms of hardware (smartphone, tablet, computer), yet all the services and devices we use bring additional risks,” notes David Gueluy.
Security is a global issue: we tend to think mostly in terms of hardware (smartphone, tablet, computer), yet all the services and devices we use bring additional risks.David Gueluy, Innovation leader at Stormshield
The App Store, a nest of spies
This is enough to make some people say the Mac user is no better protected than a Windows user. You only have to glance at the National Vulnerability Database to see that the Apple ecosystem also has its share of CVE (Common Vulnerabilities and Exposures).
Currently, a third of attacks target mobiles. Android might still be the most targeted OS but iOS is just as susceptible. But before the CookieMiner malware put in an appearance in 2019, we already had, in no particular order, the XCodeGhost malware (which infected more than 4,000 App Store applications according to FireEye), Pegasus spyware, the Acedeceiver Trojan and even the KeRanger ransomware.
The Apple user, a primary vulnerability factor
“Ecosystems are becoming increasingly reliable. Nowadays the user is the most vulnerable entry point,” according to one of Stormshield’s security researchers. However, everyone can follow some simple good practices in order to limit risks. “Like all publishers, Apple has dedicated teams who work to resolve vulnerabilities. The most important cybersecurity habit is regular updating,” he asserts.
At a minimum, you should never download suspicious attachments, you should use two-factor authentication, set a strong password and change it regularly. And, of course, don’t install applications without knowing their source. “You either have to download it from the App Store or go and find it on the publisher’s official website,” notes the cybersecurity specialist. If you want to avoid ending up with a malicious application, always check the publisher’s identity to see if it is the same as other applications in the store, have a look at the comments and, most importantly, check the price. If the application is much less expensive than expected, be wary. “It's the same as the rules for vigilance regarding phishing,” says Julien Paffumi, Product Marketing Manager at Stormshield. “If it’s too good to be true, it’s definitely a trap!”
And this trend no longer only applies to personal use. With increased power, new features and effective marketing campaigns, Apple’s various products are finding their place in businesses. Where these businesses are concerned, more advanced solutions mean that they are protected on several levels:
- A firewall protects network traffic by filtering data feeds in order to detect dangerous sites and content. This is what is offered by the Stormshield Network Security solution. This system is particularly recommended for setting up a secure connection.
- Encryption solutions to protect data on MacBook and other iPhones. Whether it's negligence, malice or industrial espionage, business data has become a major competitive issue and the theft of this data is massively underestimated. The Stormshield Data Security solution offers end-to-end data encryption, from user to recipient, giving transparent protection against man-in-the-middle attacks, malicious administration and data breaches.