There are many reasons why any business with a connected fleet of technology products needs strong security policies. But the need to protect the business against legacy vulnerabilities in third-party software should be among the top motivators. While I shouldn’t need to convince Computerworld readers to keep things under lock and key, I want to point to two recent reports to reinforce the warning.
Half of all macOS malware comes from an app
Elastic Security Labs (via 9to5Mac) recently estimated that half of all macOS malware is installed as a result of poor management of the MacKeeper utility application. The report says that almost 50% of Mac malware comes through its installation.
The utility optimizes Mac performance and monitors the computer’s internal resources; the problem is that doing so requires the user to give it permission to access critical processes and files. It’s not the app that’s at fault per se, but those permissions make it an attractive target for adversaries looking for weaknesses in it to undermine system security.
Rather than being protected by all of the system-level security settings inherent in Apple’s desktop platform, MacKeeper users find their systems protected only by the application’s inherent security, which appears to be less secure, given how often Elastic Security Labs claims it is used to mount an attack. This is the danger of any software granted inherent system privileges, but it’s also the risk you run when you use any form of third-party software on a Mac, iPhone, PC, or iPad that hasn’t been updated in a while.
Millions of apps are orphans
A new investigation from fraud protection firm Pixalate claims that more than 1.76 million apps currently available on the Google Play Store or Apple App Store have not been updated in two years or more. The researchers also identified 324,000 apps that have not seen maintenance updates of any kind for more than five years.
The problem with abandoned apps is that they may contain unpatched bugs or privacy and security vulnerabilities, once again potentially putting your business systems at risk. You see, instead of targeting the system, criminals can target the application.
Worse still, they may choose to exploit an orphaned account to mount a convincing phishing attack; that is the type of vulnerability exploited to attack Avast and NordVPN. A 2020 Verizon security report found that 80% of breaches used brute force attacks or stolen credentials, and it’s much easier to brute force an insecure application.
Here are some details that give a sense of the inherent risk:
- There were 1.76 million abandoned apps in Q3 ’22, an increase of 8% quarter over quarter.
- To be fair, the number of abandoned apps offered by Apple decreased by 1%, while Google’s grew by 18%.
- More than 14,000 abandoned apps with programmatic ads amassed more than $8 million in ad spend.
- 44% (22k+) of apps registered in Russia are abandoned, as are 39% (34k+) in China and 36% (126k+) in the US.
- 49% of likely child-targeted apps available for download in the Apple App Store were abandoned as of Q3 2022.
Simple for the consumer, safe for the business
Managed device fleets where application installation permissions are enforced or remote installation of applications is managed should be more secure. But since most of the devices in use today serve both personal and business tasks, user education is the best way for companies to protect themselves.
This has always been the way.
Any tech user must get a little paranoid. Just as most of us know not to click on weird links in texts and messages from strangers, we also need to learn to aggressively check our installed apps to make sure they’re still being updated. Businesses should also engage in regular application reviews to ensure that software mandated for use across the enterprise is still supported and maintained. As we learned earlier this week, this extends to software components used within your applications.
Who watches the app stores?
But perhaps the biggest responsibility remains with the app stores themselves. Apple is in the process of evicting outdated apps. Any app older than three years that hasn’t been updated is said to face removal after a warning period in which developers can update the software.
This curation is potentially why the number of apps of this type on the App Store has started to dwindle (and is still a good reason for walled gardens to receive some protection). But, as the security challenge becomes increasingly complex, this may not be enough.
Ultimately, it should be difficult to install insecure or out-of-date apps, and customers who try to do so, from any store, should be warned that the app they want to install on their device hasn’t been updated for a while.
It’s just one piece of the endpoint protection puzzle, of course. But as we live in interesting times, the need to stay safe is intensified and every business and every user needs to be very careful around orphaned apps.
Copyright © 2022 IDG Communications, Inc.