A few years ago Apple and its operating system and products were considered somewhat impervious to criminal hacks—or at least, less vulnerable than Microsoft Windows and other PC systems. That picture is changing: Over the past five years, Apple released a growing number of security updates in response to the vulnerabilities detected in its products. According to data from Cisco IntelliShield, while reported vulnerabilities and updates are on the rise from most major vendors, Apple shows the greatest increase.
“As with most large vendors with a broad product base and many new product and software releases, you’d expect to see a related increase in vulnerabilities,” explains Jeff Shipley, Security Research and Operations manager at Cisco. “In Apple’s case, the difference is that its products are being rapidly adopted by a growing user base, providing an attractive pool of potential targets.”
In other words, Apple reached the “tipping point” at which scammers see potential in shifting their exploits to a new venue. To its credit, Apple took substantial steps to protect its technologies against exploits:
- Created a tightly controlled application store that limits malicious application postings
- Developed proprietary controls to limit user environments
- Made Java installations more secure
However, at the same time, some users do their best to bypass these safeguards, “jailbreaking” their products so they can be used with non-Apple applications and unapproved service providers.
Excerpted and adapted from the Cisco 2010 Annual Security Report