Mac security 101: Ransomware

Whenever a new strain of ransomware is discovered, Mac users are barely affected by the news. But there are rare occasions where ransomware specifically targets Mac computers. Being aware of and knowing how to defend against these threats is crucial if your business mostly relies on Mac devices. Here’s what you need to know about Mac ransomware.

What is Mac ransomware?

Ransomware is a type of malicious program that forcefully holds computer systems hostage until the ransom is paid in untraceable cryptocurrency. It’s typically distributed using phishing emails, but it can also spread via unsecured networks.

When Mac computers are infected by ransomware, users won’t be able to access their data since it’s fully encrypted. Ransomware messages will also threaten to release the information to the public or destroy sensitive data if victims don’t pay by a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because they need constant access to critical data.

Types of Mac ransomware

Even though Mac ransomware is less prevalent than Windows ransomware, there have been some cases in the past couple of years.

In 2016, KeRanger ransomware was distributed through popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade the macOS’s built-in security measures. The ransomware also infected more than 7,000 Mac computers.

Patcher was another strain of Mac ransomware that was discovered in 2017. This type of ransomware disguised itself as a patching app for programs like Microsoft Office. When opened, Patcher would encrypt files in user directories and ask for a ransom paid in Bitcoin. The problem was the ransomware was so poorly built that there was no way to retrieve the decryption key once the ransom was paid.

Attacks like these can make a resurgence at any time, which is why you need to learn how to deal with them.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves updating your software regularly to defend against the latest threats and only installing programs from the official App Store.

Since ransomware initially infects computers using phishing emails, make sure to avoid suspicious links and email attachments. Always be on high alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain backups and have a disaster recovery plan to keep your business running in the off chance that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, never pay the ransom fee. There’s no guarantee that hackers will release your data if you give in to their demands, much like what happened with Patcher ransomware.

Instead, use an up-to-date antimalware program to remove ransomware on your computer. Cybersecurity experts will also release free ransomware decryptor tools to clean up the infection, so keep an eye out for these on the internet. If these programs and tools are not effective, contain the spread of the ransomware by disconnecting from the network and run data recovery procedures — provided you’ve backed up your data in an external hard drive or the cloud.

Mac ransomware attacks may not be common, but they’re still a threat you need to prepare for. If you need more guidance, contact our team of security experts today. We stay abreast of the latest Apple threats and know just how to keep your business safe.

Published with permission from TechAdvisory.org. Source.


Email is the primary avenue of attack for most cybercriminals, who use it to target individuals and businesses with phishing scams, ransomware attacks, and other cyberthreats. Learn how email security maintains the integrity of your emails, accounts, and data.GET A FREE COPY NOW!
+