Last December an article in Tech News World took a shot at forecasting the year ahead in cybersecurity. Among the predictions in the article was this from SentinelOne, a leading provider of endpoint protection, “Cybercriminals will train their gaze on Apple more often next year…An acceleration of those attacks is likely…because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers.”
Apple has long enjoyed a reputation as a company whose products are safe. Apple’s many devotees historically have been quick to tout how secure their devices are, but they now are starting to feel just a little uneasy. Many security experts have suggested that Apple’s reputation for security is a bit of a myth. After the high profile iCloud hack last year that garnered so much attention because it exposed nude photos of celebrities, Apple users started to pay attention to an expanding list of vulnerabilities. Apple users are starting to wake up to the reality that their devices and data are vulnerable too.
Now this. On Monday Apple announced it was cleaning up its iOS App Store to remove malicious iPhone and iPad programs that were placed there as part of a large-scale attack on Apple. The announcement came after several cybersecurity firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of apps. The hack itself was both clever and troubling. Developers were tricked into using counterfeit versions of Xcode, Apple’s development software, to submit apps. The fake Xcode then put malicious code into otherwise-legitimate apps that were not detected by Apple during the submission process.
While the attack will take another bite out of Apple’s reputation, its bigger impact may lie in what it tells us about the ability of hackers to infect machines of software developers writing legitimate apps. Developers may increasingly become targets for these attacks, which would further complicate life for both the sellers and users of these apps.
By Tom Davis, SDI Cyber Risk Practice
SDI #CyberTuesday offers insights and commentary on cyber risk management by SDI’s trusted cybersecurity, privacy and data security experts, skilled practitioners whose decades of experience working for governments and corporations around the world distinguish them as strategists and crisis managers.
You can view previous blog posts on cyber risk management here.
September 22, 2015