Duo Security Says Macs To Be Susceptible To Firmware Attacks

Duo Security Says Macs To Be Susceptible To Firmware Attacks

Cyber attacks are causing a great threat to companies and firms from all around the world. Every firm makes efforts to protect it from such attack. And similarly, Apple Inc., since 2015, has been making efforts to guard its Mac line of computers from a sort of hacking that is awfully difficult to identify. However, it has not been completely successful in attaining the fixes to its users, as per the research of Duo Security.

In Mac computers, what is called as firmware, was scrutinized by Duo. Firmware is an inherent software sort that is even more basic than an OS such as macOS or Microsoft Windows. When a PC is switched on—prior to the booting up of the OS—firmware verifies to make certain that the basic components such as the processor and hard disk are present and notifies them what to do, which makes malicious code obscuring in it difficult to spot.

In the majority cases, the firmware is irritating to update with the most recent security patches. Upgrades have to be executed discretely from the OS updates that are more usual. Apple, in 2015, initiated bunching firmware updates together with OS upgrades for Mac machines in an attempt to guarantee firmware on them remained up-to-date.

Around 73,000 Mac computers’ operating was surveyed in the real world by Duo and discovered that 4.2% of them weren’t executing the firmware they should depending on their OS. In few models—such as the one introduced in late 2015, the 21.5-inch iMac—43% of devices had outdated firmware. This left several Macs easily hacked by attacks such as the “Thunderstrike”. In this, the attackers, through plugging an Ethernet adapter into the purported thunderbolt port of the machines, could control a Mac.

apple security

Ironically, it was only feasible to discover the potentially susceptible devices, as Apple is the lone computer manufacturer that has endeavored to make firmware updates fraction of its normal software upgrades, making it more trackable as well as the best in the service for firmware updates, according to Duo’s Director of Research and Development, Rich Smith.

Duo mentioned that prior to making the findings public, Apple has been informed about the same. Apple, in a statement, said that it was conscious of the problem and is moving to tackle it.

The company said, “Apple persists to work meticulously in the field of firmware security and we are constantly looking out for approaches to make our systems even safer. With the purpose of providing a safer and more protected experience in this field, Mac firmware is automatically validated by macOS High Sierra weekly.”

Akash Gokhe

Akash Gokhe

Akash is trained in multidisciplinary disciplines ranging from remote sensing, information science to mathematics. Besides being a student of science, he loves to express himself through words. He believes in the theory that no event which we see in our surrounding is a coincidence or happened randomly. Instead, they are just a consequence of combination of factors which surfaces in space-time domain. Therefore, we must be observant to understand the process responsible for triggering an event. So, he likes to stay observant and whatever he observes or learns from the surrounding, he loves to share to identify the missing links in his interpretation.

Leave a Reply

Your email address will not be published. Required fields are marked *