New Flashback Trojan Variant Found

By | Apr 30, 2012

Mac users had a rude awakening with the recent Flashback Trojan epidemic, the biggest incident for OS X to date. Though Apple released patches, removal tools, and instructions over the past week, the decline in infected systems isn't what Symantec expected. Now that Macs have gained market share, and will probably only continue to do so, more incidents are likely to come. Now, as a senior IT professional, you ideally already had anti-malware and firewalls in place. However, if your measures weren't enough, or if you have employee-owned Macs in the workplace, you might be dealing with the fallout.

Macs Are No Longer Safe

In general, Mac users have had the safety of being a low-priority target and therefore, not much a target at all. This has been due to low market share, but Macs have become more popular. Presumably, high iPad and iPhone adoption rates have turned more attention toward Apple's other products, including the Mac. At any rate, it's obvious now that cyber criminals have deemed OS X a worthy target.

The Flashback Trojan issue hasn't subsided very quickly, as there are still apparently 140,000 infected systems, according to TechRepublic. The Trojan was originally distributed by tricking users into downloading a "Flash plugin." Considering that some 600,000 units were affected, your end users are just as callous as ever. And it doesn't stop there. A new variant of Flashback was discovered by Intego, one that does not even ask for a password; it exploits a Java vulnerability that only requires you to visit the wrong Web site, according to ZDNet.

Mac Users Can't Dawdle

This is only further reinforcement that, if you have any, your midsize business's Mac users can't dawdle. Java patches are critical, but beyond that, perhaps evaluating your security solutions to make systems "foolproof" or as close to it as you can is necessary--especially now that Macs are a growing target. If you had any such lackadaisical attitude toward Macs in the workplace, now is the time to ditch it.

This is also a reminder that while the "bring your own device" (BYOD) movement is tablet and smartphone centric, that's not what it's all about. Employee-owned laptops clearly need managing as well, and your solutions need to reflect that if your midsize businesses infrastructure is to succeed. In fact, high workplace adoption rates of smartphones and tablets may only serve to drive the desire for personal laptops in the workplace as well. Your needs may not be that of a larger business, but the burden of security remains. Luckily, as a midsize business IT professional, you have the, albeit negligible, benefit of dealing with fewer devices in all.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

IBM Solution Security & Resiliency

IBM's IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

10 Big Data Analytics Privacy Problems

By Rebecca Herold on Jun 30, 2014
10 Big Data Analytics Privacy Problems Big data analytics are being used more widely every day for an even wider number of reasons. These new methods of applying analytics certainly can bring innovative improvements for business. For example, retail businesses ...