Apple’s Mac computer line has proven itself over the last decade as a significant competitor to Microsoft’s Windows platform. Alongside a powerful software and hardware ecosystem, Apple has also garnered a more “secure” reputation than Windows PCs. But, as you’ll find out, the myth of better security reveals core misunderstandings of how cybercriminals attack.
Reliability is important when making any large purchase, especially with technology. Among these reliable expectations, security is high on the list for desktop and laptop computer users.
While these platforms are on a relatively even playing field, it is important to understand why Mac computers gained a safer reputation in the first place. Furthermore, you should learn why your own use habits can compromise your safety no matter what computer you use.
In this article, we’ll answer some common questions around Mac and PC security:
- Are Macs more secure than PCs?
- What do Macs and PCs offer to keep users safe?
- Do Macs get viruses?
- How can I protect my computer from malware and other cyber threats?
To start, we’ll begin with the basics.
The Scope of Mac and PC Computer Threats
In the past, there was a general belief that Macs were much more secure than Windows PCs. Many Mac users believed they were much less likely to encounter the negative effects of malware and cyberattacks. In fact, it was often assumed that Macs were less likely to get infected or attacked at all.
However, the growth of Mac-focused cyber threats in recent years has led many users to question just how secure Macs are. The rising popularity of Mac operating systems in recent years has made them a prime target for cybercriminals and Macs have subsequently fallen prey to several viruses, malware, and other web threats.
In just the past few years, Mac users have endured a ceaseless stream of new threats. A few of these threats include the Flashfake botnet, the Koobface worm, and Mac Defender malware. In addition to these newfound threats, Mac users also face perennial risks from phishing scams, spam, and other types of web threats of virtually every kind.
The Mac Security Myth: How Popularity Influences Cyberattacks
One simple principle can explain why Mac was believed to be more secure: cybercriminals simply chose to attack more popular platforms instead.
Part of the long-held belief that Macs are less susceptible to viruses comes from the simple fact that there are fewer Macs than PCs. Criminals create viruses to make money off the cyberattack — it makes sense to go after the PC first, as it's the bigger target, and therefore holds higher potential value.
Since the late ’90s, Microsoft has had its Windows operating systems on most personal and enterprise computers. For a hacker or cyber-scammer, creating attacks for popular platforms is a bit like creating a universal key to break into thousands of homes. Meanwhile, much smaller platforms like macOS and Linux remained mostly untouched for the better part of a decade.
As Macs numbers are growing, they are stealing market share from Windows PCs — both in business and in the home. Since 2003, macOS has grown from 2.26% to 10.18% of the OS market as of July 2019. While Mac popularity can be attributed to their sleek design and ease of use, the lack of ongoing malware threats has probably been appealing as well. This ever-growing, less cautious userbase has started to make macOS a very high-value target for cybercriminals.
The truth is that both Macs and PCs are very vulnerable to web threats and cyberattacks. Users of both operating systems should take the necessary steps to ensure that their systems are protected immediately, as the risk of malware and other web threats continue unabated year after year.
Response Speed for Security Fixes
When assessing levels of security, a platform’s technical support is just as important as the volume of cyber threats it faces. Your manufacturer’s response speed to security problems can either mitigate or amplify the damage of malware exploits.
For example, Apple's patch for 2012’s Flashback exploit took almost 50 days to be ready for distribution to macOS users. Worse, it was only available for users that were running macOS Snow Leopard and macOS Lion. Delays in security patches for OS-level exploits can have a very negative effect on the perceived effectiveness of security.
Windows may have more history with confronting these problems, which can give them the illusion of better security. That said, both platforms have their own share of security flaws and have had time to get familiar with protecting users. Nowadays, macOS and Windows PC have handled security updates with no notable delay issues.
Of course, computer security is more than just cyberthreat volume and response turnarounds. To get the full picture, you’ll have to know more about how these platforms handle other security duties.
Compare Security: Mac vs. Windows PC Computers
Between the two most popular platforms, Mac and Windows PC products have the tremendous task of safeguarding over 90% of all desktop and laptop users worldwide. Each has its own history and approach towards cyber security, which may shape how future threats affect them.
To a certain extent, the level of security you enjoy will depend on the version of macOS or Windows OS you’re running. For a meaningful comparison, it’s best to consider how the very latest — and fully patched — versions of each operating system compare with each other.
Apple’s macOS has a relatively lower rate of attacks as noted with its much smaller market share. This generally lends itself to a peace-of-mind use case for non-technical users. However, the growth and increased relevance of Apple devices may leave it open to a shift in attack rates.
Threat growth: Most interestingly, the volume of threats per Mac has grown at double the rate of Windows PCs threats as of 2020. With most of this platform-specific threat growth based in malicious downloads, direct exploits don’t seem to be a top target for Mac hackers. This may change as these criminals become more experienced with exploiting Apple’s Mac devices.
Browser safety: Mac’s native internet browser, Safari, has recently received an overhaul to bring robust ad-blocking features. Blocking ads, unwanted popups, and undisclosed tracking can secure highly compromising touchpoints for internet users. Despite ranking higher than Microsoft Edge, third-party browsers like Google Chrome and Firefox tend to rank higher due to Safari’s slower update cycle.
Out-of-the-box security: Apple macOS requires a bit less upkeep on the security side of the platform than Windows. This lack of pressing urgency is simply due to the lower threat presence on Macs versus PCs. Non-techie users tend to find these devices easier to reliably maintain and understand. However, user behavior may be more vulnerable on this platform due to the perception of relative safety to that of Windows.
Update frequency: Mac seems to have a far less proactive history of seeking and treating security issues on the OS compared to Windows. Relative to Windows, macOS may not currently require a constant update cycle since malicious parties tend to target macOS less frequently. Since proactive protection is the best security, macOS may be missing vital security with less frequent updates.
Windows PC Security
Microsoft’s Windows OS has a substantially higher rate of attacks, largely due to its dominant market share. Immediately, this platform demands a bit more attention for users to stay safe. A decrease in rates of attack is unlikely due to the massive hold on the OS market and the lack of exponential growth from the competition.
Threat growth: As stated previously, Windows PCs have had relatively lower growth in the volume of threats to the platform in comparison to macOS. However, this also implies that there is still an ever-growing threat for a platform that is already targeted more often than any other. Additionally, Windows faces threats that directly exploit system vulnerabilities without the need for downloads are a concern that doesn’t seem to plague Apple’s Mac computers.
Browser safety: Windows native browser, Microsoft Edge (replacement for Internet Explorer), has attempted to distance itself from the predecessor’s poor reputation. While their update cycle is incredibly strong with weekly security patches, their approach to user diagnostic reports is questionable at best. With these reports being traceable with IDs for every user device, it ranks lower than nearly every mainstream internet browser, including Apple’s Safari.
Out-of-the-box security: Windows requires a bit more upkeep than macOS. Both Windows and Mac have fairly invisible native anti-malware solutions. However, Windows users must take extra care to keep their various system components updated (OS, third-party antivirus, drivers, browsers, etc.) simply due to increased attack volume.
Update frequency : Windows appears to have a more aggressive history of discovering and patching security issues. That may be because they are probed far more often by malicious actors, but the effort is beneficial, nonetheless.
Mac vs Windows PC: Pros and Cons
Both macOS and Windows have their flaws and strengths which may sway your decision. With each user having very different levels of technical skill, you may find yourself choosing a platform that feels more comfortable and familiar.
Regardless of choice, you’ll find the most secure platform to be the one you know the best. Learning how to properly use your software will keep you more secure than any definitive security statistics can.
That said, here are some takeaways to help you see the big picture:
- Pro: Smaller attack rates, moderate browser security, ease of use
- Con: Perceived safety tends to weaken safe user behavior, larger threat growth, slower OS update cycles
- Tip: Less technical users may find this platform easier to navigate and keep safe.
- Pro: Smaller threat growth, constant OS update cycles, fairly reliable out-of-the-box threat protections
- Con: Largest cyberthreat attack rate of any OS, requires more attention to security upkeep, questionable data gathering from native internet browser
- Tip: Ideal for more hands-on users or those already familiar with Windows PCs.
The fact is all software is imperfect simply because it is human designed. There will always be a potential exploit in any OS, and a platform is only as secure as the weakest link in a device’s use. Interestingly, the biggest weakness of a device’s security is actually you — the user. You’ll need more than just a “secure” OS to stay safe during your computer use.
Why You Need Antivirus Software for Mac and PC
Windows PC antivirus software is common and recommended to users because of the platform’s very visible attack history. But, it's a rare event to hear about a widespread computer virus attack on Mac computers. So, you might question whether Mac antivirus software is even necessary. Can MacBook’s get viruses? Can Macs get viruses? Hopefully, by now, you realize that macOS is not infallible.
In past years, Macs have had their share of troubles.
Mac Virus Examples
- The Flashback virus infected over 600,000 Mac systems.
- The discovery of the aptly named "Pintsized" backdoor Trojan, able to defeat Mac’s Gatekeeper security.
- The multi-platform Clapzok. A virus — described as a "proof-of-concept" virus that can infect 32-bit executable files.
Currently, there are indeed fewer malware programs that are targeting macOS versus Windows. However, we’ve established that Macs need total security attention just like any other OS.
Estimates suggest that 700,000 macOS users suffered from the Flashback Trojan virus. Users that had believed they didn’t need antivirus software – because they were Mac users – found that their false sense of security offered no defense against the attack.
Sources of Mac or PC Virus Infection
Aside from the targeted cyberattack, human interaction or error is more likely to lead to a virus infection. These infections could stem from a variety of "unsafe" computer behaviors, such as:
- Visiting unsecured websites.
- Accidentally downloading malicious files.
- Accidentally opening infected email.
- Not maintaining up-to-date operating systems
Thus, even though there are fewer malicious programs targeting macOS, many Mac users now accept that they need to be much better prepared than previously. Just as PC users have done for many years, Mac users are now taking steps to bolster the security of their computers and are installing anti-malware products.
Humans make mistakes, after all, and the consequences can be brutal on your computer. It just means Mac owners need to be aware that their Macs can become infected just like a Windows PC. They should take steps to protect themselves — not just for peace of mind — but as a fundamental security practice. Getting equipped with antivirus software is something every computer owner should do.
How Can Mac Users Get Started with Antivirus Protection
A free antivirus for Mac software trial can be a good starting point. The trial allows you to get familiar with the level of security that can be attained with the product. If anything, it helps you get into the practice of home security.
In case you’re an owner of both macOS and Windows and are trying to find a balanced Mac vs PC virus protection, don’t worry. Many products are multiplatform and highly-effective on each — even covering your mobile devices.
Although there are several free antivirus options to choose from, it is important to select a product that is well-supported and maintained, and that offers sufficient scope of protection. Sometimes, can be wise to seek out the best paid antivirus for Mac. Premium features like enhanced real-time protections may only be available in paid software.
How to Protect Yourself on Mac and Windows PC
Cyberthreats will come for you regardless of which computer platform you choose. As such, it is your job to ensure you’re not engaging in risky behaviors, which are the biggest risk to your safety. For total security against social engineering tactics and other means, here are some time-tested tips for staying safe on your Mac or Windows PC.
9 Tips for Defending Against Malware Threats
- Keep all software up to date as soon as you possibly can. Especially for your OS, hackers exploit unpatched devices all the time. These criminals expect a large portion of a software userbase to wait on updating, which makes you an easy target.
- Replace unsupported, outdated hardware or software. Worse than delaying existing patches, you might be using products that no longer receives updates. Zero-day exploits run rampant on older devices and software, so it’s important to upgrade to vendor-supported products.
- Be sure to keep your antivirus protection active. Some users decide that the prompts from their antivirus products are too annoying or disruptive to continue using. If you feel this way, consider a less-intrusive antivirus software rather than opting to browse with no defense against cyberthreats.
- Use an encrypted connection any time you are on a network away from home. Notably, computer users on public Wi-Fi at coffee shops and airports are exposed to threats like man-in-the-middle attacks. Virtual private network ( VPN ) services allow you to have a private, encrypted connection tunnel that blocks out any malicious parties and anonymizes your data to prevent activity tracking via cookies .
- Use strong, unique passwords across all accounts. Your OS accounts need especially durable passwords since they provide access to your entire system. To improve your Apple ID and Microsoft account security, use long passwords with a variety of character forms. Use passphrases and other high-security techniques when possible. Consider a password manager to help you randomly generate and store new ones.
- Limit the permissions of applications on your computer. Software and even the OS itself might ask you for access to your webcam, microphone, or GPS location. Consider whether the app in question truly needs this data and if you trust it with your data.
- If in doubt, always assume the worst-case scenario and act accordingly. Ask yourself what a malicious party could do with your leaked data or access to your computer.
- Always read installation terms before proceeding to install new programs. Some software can come bundled with unwanted secondary applications or requirements of use. These terms may be opt-out only, meaning you may have to uncheck boxes or cancel installation entirely to avoid these potential dangers.
- Consider using a non-administrator account for your daily use. Malware tends to need high-level administrator permissions to install and run properly. You can prevent this by only using an admin account for particular tasks like trusted program installation.
6 Tips for Defending Against Social Engineering Threats
- Always be cautious of senders and websites urging you to take action. Whether a link, file attachment, or a request for personal information, always stop to consider what could happen if this is a malicious message. Follow up in person or via contact info not included in the suspicious message.
- Never directly click a link, always find an official URL, and manually enter it. Phishing scams often use malicious links disguised as reputable individuals or organizations. Avoid following these to keep yourself safeguarded against these threats.
- Be wary of any oddly spelled email addresses or links. Visually similar spelling is a reliable tactic used by hackers to mimic trusted websites or senders. For example, a URL might contain “firstname.lastname@example.org” instead of “email@example.com” to fool you.
- Avoid sharing any potentially sensitive information online. Many social media posts are filled with answers to account security questions, such as your pet’s name or the street you grew up on. You’ll want to take care that you don’t share any of this, even if you are only visible to friends. Criminals often pose online as people you know to get closer to your private data.
- Prevent public visibility of online profiles and avoid accepting unexpected requests. The old approach to online friends was to avoid accepting requests from strangers. However, recent years have shown that criminals infiltrate friend circles by pretending to be one of your friends. They do this via a fraudulent profile or hacking their real one. Be wary of friend requests or an odd message asking for details like your phone number.
- Be observant of any odd details in popups, emails, and other communications. Nowadays, phishing schemes are more convincing with their urgency and context-appropriate targeting. For example, fake popups may suggest that Windows Defender has been compromised and prompt you to download an update. However, quick research will show you that the prompt is not legitimate. Unofficial images, poor spelling and grammar, and ambiguous claims can all be signs.
Want to protect yourself from malicious online attacks and fake popups? Try Kaspersky Security Cloud today — available for Mac and Windows PC.