Does your Mac need antivirus software?

Go ahead and install that antivirus program on your Mac. Your system needs the protection — and so does your sensitive personal information.

As a Mac user, you’ve probably heard that you don’t need antivirus protection for your system, because hackers don’t write malware for macOS. But that is changing — or, to be more accurate, it has changed.

Hackers have caught on that Mac users are low-hanging fruit, precisely because many of them don’t install antivirus software. And, as more Windows PC users wise up and secure their devices, Mac users look like even more appealing targets.

That means the time has come to install antivirus software on your Mac, if you haven’t already. It can help fill the gaps in Mac’s built-in security features, and protect you from the most common cause of cyber attacks — user error.

Mac’s Built-in Security Features Are Lacking

macOS relies on a robust permissions structure to protect the system from malware, and 20 or 25 years ago, that may have been enough. XProtect runs in the background, quietly scanning files as they’re opened, without sacrificing performance.

Gatekeeper checks downloaded apps for Apple developer certificates to make sure they’re okay. And sandboxing of apps ensures that downloaded apps only have the system resources they need to function, and can’t go rooting around in your directories or looking for your sensitive files.

But these systems all have major flaws. XProtect, for example, has a shockingly tiny malicious signatures dictionary — it’s only got 94 entries. Literally any other antivirus software has a longer definitions list than that, and the definitions list is a primary tool these programs use to look for malware — they tell the software how to recognize malicious code. If a specific piece of malware’s signature is not on the list, XProtect won’t recognize it as malware, even if it very much is.
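The gap described above, shown with a deliberately simplified definitions list (an added example, not code from this article or from Apple). It assumes a plain "<sha256> <name>" list; real products, XProtect included, use richer rule formats, and the sample files are harmless constructed text.

```shell
#!/bin/sh
# Added example: a simplified hash-based definitions list.
# Assumption: one "<sha256> <name>" entry per line (hypothetical format).

# Portable SHA-256 of a file (sha256sum on Linux, shasum on macOS).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# check_file DEFS FILE
# Prints "MATCH <name>" (exit 0), "NO-MATCH" (exit 1) or "ERROR" (exit 2).
check_file() {
    defs=$1
    target=$2
    if [ ! -r "$defs" ] || [ ! -r "$target" ]; then
        echo "ERROR"
        return 2
    fi
    digest=$(file_sha256 "$target")
    # Appending "" forces a string comparison, never a numeric one.
    name=$(awk -v d="$digest" '($1 "") == (d "") { print $2; exit }' "$defs")
    if [ -n "$name" ]; then
        echo "MATCH $name"
        return 0
    fi
    echo "NO-MATCH"
    return 1
}

# Constructed demo: text files stand in for a known sample and a variant.
demo_signature_gap() {
    dir=$(mktemp -d) || return 2
    printf 'constructed sample A\n' > "$dir/sample"
    printf 'constructed sample A \n' > "$dir/variant"   # one extra byte
    printf '%s Constructed.SampleA\n' "$(file_sha256 "$dir/sample")" > "$dir/defs"
    known=$(check_file "$dir/defs" "$dir/sample") || true
    changed=$(check_file "$dir/defs" "$dir/variant") || true
    rm -rf "$dir"
    echo "$known / $changed"
}

demo_signature_gap
```

NO-MATCH only means the file is not on the list, which is why the size and freshness of the list matter.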

Gatekeeper has its drawbacks, too. For one thing, an Apple developer signature doesn’t actually say much about how trustworthy or untrustworthy a given piece of software is. Plenty of totally legitimate programs don’t have Apple developer signatures. For example, many open-source developers don’t see the point in paying the fee for an Apple developer certificate for software they plan to give away for free, and that doesn’t mean the software isn’t trustworthy.

Having the Apple developer certificate isn’t a guarantee that an app is trustworthy either — at least, not anymore. The OSX/CrescentCore attack used a fake Apple developer certificate to fool Gatekeeper, which means that hackers can now bypass Gatekeeper’s protections. And, of course, hackers are always looking for new zero-day flaws to exploit, like they did with OSX/Linker, which exploited a zero-day flaw in Gatekeeper to bypass it and infect macOS.
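To see what Gatekeeper actually decides about an app, and what that decision does and does not prove, here is an added example (not from this article) that interprets the output of `spctl --assess`. The keyword names and the default app path are assumptions made for illustration; the function only classifies text, so it can be tried on constructed output on any system.

```shell
#!/bin/sh
# Added example: read Gatekeeper's verdict for an app and say what it proves.
# Sample outputs fed to classify_assessment are constructed, modelled on the
# text `spctl --assess --type execute -vv <app>` typically prints.

# classify_assessment TEXT -> one keyword on stdout
classify_assessment() {
    case $1 in
        *": accepted"*)
            case $1 in
                *"source=Notarized Developer ID"*) echo "signed-and-notarized" ;;
                *"source=Developer ID"*)           echo "signed-only" ;;
                *)                                 echo "accepted-other" ;;
            esac ;;
        *": rejected"*)
            case $1 in
                *"source=no usable signature"*) echo "unsigned" ;;
                *)                              echo "rejected-other" ;;
            esac ;;
        *) echo "unknown" ;;
    esac
}

# explain VERDICT -> what the verdict does and does not tell you
explain() {
    case $1 in
        signed-and-notarized|signed-only|accepted-other)
            echo "Signer identified; not a verdict that the code is benign." ;;
        unsigned)
            echo "No usable signature; common for free open-source apps." ;;
        *)
            echo "Blocked or unreadable; inspect the raw spctl output." ;;
    esac
}

# assess_app PATH: run the real check on macOS, skip cleanly elsewhere.
assess_app() {
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found (not macOS)"
        return 0
    fi
    raw=$(spctl --assess --type execute -vv "$1" 2>&1) || true
    verdict=$(classify_assessment "$raw")
    echo "$1: $verdict - $(explain "$verdict")"
}

assess_app "${1:-/Applications/Safari.app}"
```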

Your System May Have Flaws No One Knows About Yet

macOS uses System Integrity Protection (SIP) to protect the integrity of core files by blocking any apps at all from accessing those files. That would be a great security feature — if it could be trusted. But the Meltdown and Spectre flaws, discovered in 2018, showed that nearly every CPU manufactured for two decades possessed gaping vulnerabilities that could have allowed hackers to access parts of the system they should have been locked out of — including those behind the SIP wall in Macs.

What does that mean? While Meltdown and Spectre may have been addressed, other massive flaws could be sitting undetected on your OS right now. Hackers find and exploit unknown security flaws, known as zero-day exploits, all the time. A robust, comprehensive antivirus for your Mac offers max security features to protect against zero-day exploits, phishing scams, ransomware, and more.

Antivirus Protects You From Yourself

Have you ever woken up, plucked your phone from the nightstand, opened up Facebook, and been met with a frantic message from a relative, claiming that they’re stranded in Edinburgh and need you to wire them money? It’s a classic phishing scam, and if you were fully awake and alert you might recognize that, but you’re groggy and send the money without thinking about it. Or maybe you’re using your machine and one of your apps requests permission to do something and you just go for it without a second thought. 

It’s normal to make mistakes, and that’s why you need antivirus software. If you never see the suspicious message, you can’t fall victim to the scam. If your antivirus software blocks the malicious app, you won’t have to worry about whether it really needs permission to access your contacts. It’s much easier to protect yourself when you have an antivirus suite, especially if you’re not very tech savvy.

So go ahead and install that antivirus program on your Mac. Your system needs the protection — and so does your sensitive personal information. 
