Security awareness training alert – Apple Mac computers targeted by new ransomware attack

Apple Mac Ransomware

Frequently when I provide onsite security awareness training business sessions, I am asked if Mac Apple computers are safe from computer viruses. My answer is always a strong “NO” but with some explanation.

First off, we know that there are fewer viruses associated to the Apple operating system than with the Windows operating system. However, there are still enough risk to warrant strong security measures for anyone using an Apple Mac.

McAfee Computer Security has estimated that there are approximately 450,000 malicious programs aimed at Macs[i] . As the Apple Mac user base grows, so does the number of targeted malware versions. Recently, a new form of ransomware targeting Apple Mac devices has been discovered called MacRansom.

It seems like most Apple Mac users assume that their systems are safe from things like ransomware attacks. Well it is just that false sense of security that new ransomware attacks are looking for.

According to a recent blog by the security companies Fortinet and AlienVault, a new Apple Mac ransomware attack has been discovered. This malware is called MacRasom which offers ransomware as a service.[1]

This Apple Mac ransomware does everything that Windows ransomware does. This malicious code will encrypt the Apple Mac hard drive and hold the data for ransom.

Protect against ransomware:

  • BACK UP – BACK UP – BACK UP! Back up your hard drive. This is your best way to “turn back time” if your system becomes infected with a ransomware attack. Regular backups of your home system are now required to reduce your risk of losing your data. Remember not to leave external drives attached to the system after the backup as they can also be encrypted by the ransomware.
  • Update all operating systems and anti-virus and anti-spam software – make sure that security updates are enabled and that you have the latest version of your anti-virus definitions.
  • Watch out for phishing email & stop clicking on every link and attachments you get! Clicking on a phishing email message is most likely the way you can get infected with a ransomware attack. So slow down when opening email messages. You do not need to open all your email messages, and you should delete messages you do not need to read. So, get into the habit of ignoring suspicious email messages and links.
  • Did I mention BACK UP???

The value of security awareness training

This is another crime, where security awareness training can help to reduce risk. Being aware of new crimes and scams in the news is a fundamental part of security awareness training. Insuring that employees, family and friends are aware of this scam will greatly reduce the likelihood that you will be victimized.

Sharing new scams and crimes you hear about in the news with others, is important to ensure that the people you care about do not fall victim to these types of crimes.

The Center for Information Security Awareness, CFISA, has been providing online and in-person security awareness training since 2007. The CFISA courses stress the importance of education and understanding the current risk and scams as an important way to protect yourself against these types of crimes.

Ongoing security awareness training is a great way to educate employees to the risk associated to this important issue.

Do you need help with security awareness training for your employees?

Contact CFISA and we will help you with a training option to fit your budget!

Security awareness training options can be found at the Center for Information Security Awareness – CFISA (