Report finds macOS fares worse than Windows and Linux at preventing cyber attacks

Report finds 40% of environments are vulnerable to complete takeover


A worrying number of environments are vulnerable to complete takeover via escalated privileges, a new report from Picus Security has found.

Environments were tested in simulated attacks, and the average organization managed to defend against 7 out of 10 attacks across all vectors, including email, web application and endpoint attacks. Given the constant pressure from organized cybercrime groups, however, the remaining 3 in 10 leave a serious margin for potential intrusion.

Out of all the attacks simulated, over half (56%) were logged by firewalls, while just 12% triggered an alert.

Organizations at risk of takeover

Full environment takeovers occur when an attacker can escalate their privileges to administrator level, giving them the access needed to move throughout systems and networks, steal data, install malware and much more. Picus was able to achieve domain admin access in 40% of the IT environments it tested.

When it comes to which operating systems were most successful at keeping out Picus' endpoint attacks, Linux took the gold by blocking 65%, closely followed by Windows at 62%, while macOS blocked just 23% of attempted attacks, a result the report attributes to a “potential gap in endpoint security controls on modern macOS environments.”

“While we have found Macs are less vulnerable to start, the reality today is that security teams are not putting adequate resources into securing macOS systems,” said Volkan Ertürk, Picus Security Co-Founder and CTO.

“Our recent Blue Report research shows that security teams need to validate their macOS systems to surface configuration issues. Threat repositories, like the Picus Threat Library, are armed with the latest and most prominent macOS specific threats to help organizations streamline their validation and mitigation efforts,” Ertürk concluded.


Many environments were also at risk from a lack of best practices, with 25% of companies using common-language passwords which can easily be brute-forced or decrypted into cleartext credentials. Moreover, the tested organizations prevented just 9% of data exfiltration techniques, with BlackByte being the most challenging group to defend against (only 17% of its attacks prevented), followed by BabLock (20%) and Hive (30%).

“Like a cascade of falling dominoes that starts with a single push, small gaps in cybersecurity can lead to big breaches,” said Dr. Suleyman Ozarslan, Picus co-founder and VP of Picus Labs.

“It’s clear that organizations are still experiencing challenges when it comes to threat exposure management and balancing priorities. Small gaps that lead to attackers obtaining domain admin access are not isolated incidents; they are widespread. Last year, the attack on MGM used domain admin privileges and super admin accounts. It stopped slot machines, shut down virtually all systems, and blocked a multi-billion-dollar company from doing business for days,” Ozarslan said.


Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.
