Cyber criminals are increasingly targetting Apple devices such as iPhones and iPads as these products gain popularity among consumers across the globe, including India, says a report by security solutions firm Symantec.
Besides, 2016 could see more attacks on the iOS platform that has been perceived to be “free from malware” in the past, it added. “Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 per cent of global smartphone shipments and 7.5 per cent of global PC shipments.
“This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing specific malware designed to infect devices running Mac OS X or iOS,” Symantec director solutions product management (Asia Pacific and Japan) Tarun Kaura said.
He said that although the number of threats targetting Apple operating systems remains quite low when compared to the company’s main competitors such as Windows and Android, the amount uncovered has grown steadily in recent years.
“In tandem with this, the level of Apple-related malware infections has spiked, particularly in the past 18 months.
Should Apple’s popularity continue to grow, it seems likely that these trends will continue in 2016.
“Apple users should not be complacent about security and change their perception that Apple devices are “free from malware” — this perception opens up opportunities for cyber criminals to take advantage of these users,” he said.
He said security researchers have also given a greater focus on vulnerabilities in Apple software with a number of high-profile flaws uncovered in the past year.
The findings are a part of Symantec’s predictions for 2016.
The number of iOS malware threats discovered to date, though small in number, has begun to increase with seven new threats discovered to date in 2015, up from the previous high of three in 2014.
These threats span from ordinary cyber crime gangs branching out to Apple platforms to high-level attack groups such as the Butterfly corporate espionage team that infected OS X computers in targeted organisations, Kaura said. Talking about the government and enterprise segments, Kaura said cyber attacks on critical infrastructure and Internet of Things (IoT) points could also increase.
“We have already seen attacks on infrastructure and in 2016 we can expect this to continue to increase. Motivations for critical infrastructure attacks are both political and criminal, with nations and political organisations operating cyber-warfare campaigns, and criminals attacking for profit or ransom,” he said.
The industrial IoT is becoming more connected due to requirements and demand for reporting and improved functionality through connectivity with additional services.
“These changes introduce bigger attack surfaces into the more traditionally hard to secure environments,” Kaura said.
Citing a Gartner report, Kaura said close to 30 billion “connected” things will be in use across a wide range of industries and the IoT will touch every role across the enterprise by 2020.
“As consumers buy more smart watches, activity trackers, holographic headsets, and other Internet of Things (IoT) devices, the need for improved security on these devices will become more pressing.
“As market leaders emerge and certain ecosystems grow, the attacks against these devices will undoubtedly escalate, as we’ve already seen happen with the attacks on the Android platform,” he said.
Also, with these changes happening so rapidly, regulation may be forced to catch up with technology in 2016.
“We may find that some countries or industries will begin to develop guidelines that address the new risks of information use, data ownership, and consent presented by IoT devices,” he said.
