At the moment, there are more than 100 million Mac OS X users around the world. The number has grown switfly during the past years we expect this growth to continue. Until recently, Mac OS X malware was a somehow limited category and included trojans such as the Mac OS X version of DNSChanger and more recently, fake anti-virus/scareware attacks for Mac OS X which boomed in 2011. In September 2011, the first versions of the Mac OS X trojan Flashback have appeared, however, they didn’t really become widespread until March 2012. According to data collected by Kaspersky Lab, almost 700,000 infected users have been counted at the beginning of April and the number could be higher. Although Mac OS X can be a very secure operating systems, there are certain steps which you can take to avoid becoming a victim to this growing number of attacks.
Here are the recommendation on 10 simple tips to boost the security of your Mac:
1. Create a non-admin account for everyday activities.
Your default account on Mac OS X is an administrator user, and malware writers can take advantage of that to infect your computer.
For everyday activities, we recommend you create a non-admin user and you only log in as administrator when you need to perform administrative tasks. To do that, go to the "Accounts" pane of "System Preferences, then create a non-administrator user. Use the new account for everyday tasks like e-mail and web browsing. This greatly helps to limit the damage from zero-day threats and drive-by malware attacks.
2. Use a web browser that contains a sandbox and has a solid track record of fixing security issues in a prompt manner.
Google Chrome is updated more often than Apple’s built-in Safari browser. Google Chrome also comes with a sandboxed version of Flash Player that puts up a significant roadblock for malicious exploits. It has also a silent, automatic update mechanism that removes the burden of patching security vulnerabilities.
3. Uninstall the standalone Flash Player.
Unfortunately, Adobe’s Flash Player has been common target for hackers looking to take control complete over your computer. An old version of Flash Player will most certainly put you at risk when browsing the internet. To uninstall Flash, you can use the two utilities provided by Adobe, for versions 10.4-10.5 and 10.6 and later. See this link for details.
4. Solve the Java problem.
Java is also a preferred target for exploit writers looking to plant malware on your machine. It is recommended to have it completely uninstalled.
5. Run “Software Update” and patch the machine promptly when updates are available.
Many of the recent attacks against Mac OS X take advantage of old or outdated software. Commonly exploited sxploited suites include Microsoft Office, Adobe Reader/Acrobat, and Oracle’s Java, but there are other applications that can be abused as well. Office for Mac 2011 is much better from a security point of view than Office for Mac 2008. If you are still using 2008, we recommend you update to 2011 as soon as possible. Whenever you see the Apple’s “Software Update” prompt, be sure to apply the fixes and reboot the machine when necessary.
6. Use a password manager to help cope with phishing attacks.
The good news is that unlike Windows, Mac comes with a built-in password manager, the “Keychain”.
Whenever possible, try to generate unique, strong passphrases for your resources and keep them in the keychain instead of remembering easier passwords. Whenever the cyber-criminals manage to compromise one of your accounts, they will immediately try the same password everywhere - GMail, Facebook, eBay, PayPal and so on. Hence, having an unique strong password on each resources is a huge boost to your online security.
Another, though more complicated advice is to have a separate keychain, with a 3-5 minutes password cache timeout, for important passwords only. What are important passwords? Well, things such as resources which when compromised can cause direct financial loss: eBay, PayPal, online banking and so on. If somehow your “Keychain” gets compromised, you don’t loose all the passwords.
7. Disable IPv6, AirPort and Bluetooth when not needed.
Turn off connectivity services when not in use, or when not required. These include IPv6, AirPort and Bluetooth, three services that can be used as entry points for hacker attacks.
IPv6 is a relatively new communication protocol which your Mac can use. This is rarely used in practice , although in my years of travelling, I’ve seen only one hotel which supported IPv6 in parallel to IPv4. Hence, it’s probably safe and even a good advice to disable IPv6 proactively.
To disable IPv6 on your computer Choose Apple menu > System Preferences, and then click Network.
If the Network Preference is locked, click on the lock icon and enter your Admin password to make further changes. Choose the network service you want to use with IPv6, such as Ethernet or AirPort.
Click Advanced, and then click TCP/IP. Click on the Configure IPv6 pop-up menu (typically set to Automatically) and select Off.
See this link for details.
8. Enable full disk encryption (MacOS X 10.7+) or FileVault.
In MacOS X Lion, Apple updated their encryption solution (FileVault) and added full disk encryption. It is now known as “FileVault 2”. This has the advantage of security the entire disk instead of just your home folder and can be very useful if your laptop gets stolen.
See this link for details.
9. Upgrade Adobe Reader to version “10” or later.
Adobe Reader is also a preferred target of cybercriminals. Version 10 includes numerous security enhancements which make it a lot safer than any previous versions.
10. Install a good security solution.
It is no longer true that “Macs do not get viruses.” After six years, the situation has changed considerably. The Flashback trojan which appeared in September 2011 caused a huge outbreak in March 2012, which amounted for over half a million infected users worldwide. Thus, a security solution is absolutely required for any Mac user. One can easily download and install a trial of Kaspersky Anti-Virus for Mac.