The days when Macs didn’t need antivirus are long gone. macOS does have robust, built-in security features that makes Macs inherently safer against viruses than PCs. But, to some extent, macOS’s fabled invulnerability against viruses relies on the fact that Windows PCs are much more common, and are therefore targeted more often by malware written to run on Windows. And, sure, that’s still true to some extent.
But, recently, it’s become clear that Macs are more vulnerable to viruses and malware than once thought — not least of all because hackers and scammers have caught on that Mac users don’t think they’re vulnerable. The higher price of Mac devices, combined with users’ tendency, even now, to think that Macs don’t get viruses, can make these devices seem like a deliciously ripe and low-hanging fruit for desperate cyber criminals. Here’s what you need to know to protect your Mac.
Many Mac users still rely on macOS’s built-in security features to protect their systems from malware, but, while macOS has more robust security protocols than Windows, it doesn’t have more robust security protocols than most antivirus programs. MacOS uses XProtect, a malware scanner, to check all downloaded files malicious code. However, it only updates its malware definitions when it installs a systems update, whereas most antivirus programs update their threat definitions daily. XProtect’s threat list is also significantly smaller than that of any robust antivirus program.
Because most malware comes disguised as an app, macOS Gatekeeper blocks any apps that don’t have an official Apple developer certificate. There are several problems with this. First, hackers have learned to convincingly spoof the developer certificates and slip their malicious apps into the App Store. Second, third-party developers may not want to pay the $99 fee for a certificate, whether because money is tight or the app is open source. The certificate requirement can keep non-malicious apps out of the App Store, while letting malicious ones in. And, third, users can circumvent the block, and install a non-verified app despite warnings from Gatekeeper. This can be a good thing, in the case of a trusted app from a third-party developer that simply doesn’t have a certificate. But there will be some users who override Gatekeeper in order to install a malicious app by accident.
You’d like to think that there aren’t any inherent security flaws hidden in your system Mac OS or in your hardware, but you’d be wrong. Hackers are constantly discovering and exploiting security flaws in operating systems and hardware. And if you’ve used a Mac at all in the last 20 years, you used a computer with two massive security flaws: Meltdown and Spectre.
MacOS is built to restrict access to system-critical data and files. System integrity protection (SIP) keeps apps from accessing core system directories and other data that the system needs to function. But hackers could have exploited the Meltdown and Spectre flaws to access those most sensitive parts of the system. While there’s no evidence that this actually happened to anyone, it’s sobering to think that all Macs manufactured over a 20-year period had such glaring flaws.
You’re actually not very likely to catch a Mac virus in the “traditional” way, from visiting a malicious website or even downloading a dubious email attachment. Once you’re using a comprehensive antivirus for Mac, you’re even less likely to catch a virus that way.
Instead, if your Mac does get infected, it’ll probably be because you installed a malicious app without realizing it. Since Gatekeeper allows users to bypass its warnings about an unverified app, many users may think that the warning is a false flag or simply fall into the habit of clicking “ok” on every dialogue box (a phenomenon Mac users have dubbed “dialogue fatigue”). Downloading pirated software or files, using unsecured public wireless networks, and failing to install system updates when available can also leave your Mac more vulnerable to malware.
Use a comprehensive antivirus program for Mac to protect your device from your very human tendency to forget things and make mistakes. Set your Mac to install updates automatically, and avoid downloading files and software from unauthorized sources. Stay off public wireless networks, and if you do use them, use a VPN.
Don’t fall into the trap of thinking your Mac doesn’t need antivirus software, because it does. You can still accidentally install a malicious app, or discover tomorrow that your system has been affected by a zero-day flaw. Install antivirus software on your Mac now, and let the hackers go after someone else.