According to StatCounter, Apple's desktop operating system, macOS (formerly OS X), has a market share of around 17%, making it the second most widely used desktop operating system. This makes it an attractive target, and cybercriminals are constantly on the lookout for vulnerabilities in it that can be effectively exploited.
Likewise, today's cross-platform malware, written in newer programming languages, allows much wider deployment and a broader scope of victims. This type of malicious code is designed to attack multiple operating systems, including macOS, which gives cybercriminals potential "tools" that they can put to malicious use.
For this reason, it is important to be aware of certain considerations beyond the operating system so that, as an IT user or administrator, you can strengthen these types of systems. While there are recommendations and good practices that should be followed to keep the device and the information it manages as secure as possible, the focus of this article is to share some additional security tools that you can have at hand beyond the operating system.
Security Tools to Be More Protected
The following are some of the most important (open source and free) tools for protecting your operating system:
- BlockBlock: monitors the most common locations used by malware to gain persistence and triggers alerts each time they are modified with a new file
- FSMonitor: an application that monitors and visualises, in a user-friendly graphical environment, all changes in the file system
- KnockKnock: identifies illegitimate software installed on your computer and potential malware persistently installed on your system
- LinkLiar: in particular cases, in order to protect your privacy, you may need to change your MAC address, and this programme allows you to do so easily
- Lynis: allows you to perform an exhaustive diagnosis of the system and measure the level of hardening of the system. It is a very complete tool
- OverSight: monitors the system’s webcam and microphone, alerting whenever any process tries to access them
- RansomWhere?: continuously monitors for files being encrypted by suspicious processes, can stop the process that is running the ransomware and attempts to minimise the consequences of infection within the system
- ReiKey: identifies malware that monitors the user's actions, mainly by looking for keyloggers on the system
- Santa: developed by Google, it consists of a macOS kernel extension that monitors application execution for whitelisting/blacklisting
- Stronghold: simple program to easily configure macOS security settings from the terminal
- TaskExplorer: allows you to see all the processes running on your computer, including any malware that may be present. In addition, it integrates with VirusTotal
As I mentioned at the beginning of this article, don't forget that the operating system itself has several security and privacy controls that you should be aware of. In addition, tools change, and the important thing is to stay up to date through the various sources that exist today: repositories, initiative procedures, specialised technical articles, videos and much more. All of these can help keep your devices, or your infrastructure if you are a company, better protected from threats to macOS systems.
Apple devices in general are increasingly being targeted by cybercrime, so you should adopt each of these recommendations to avoid becoming a victim of online attackers.