View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 21, 2015

5 experts decode the Apple app attack

iOS is not immune to malware.

By Charlotte Henry

It has been revealed that Apple’s mobile app store has suffered its first major security breech, after hackers convinced legitimate developers to use a tainted version of its XCode development software.

Below, industry experts tell CBR what they think about the hack, and the implications for Apple at its developers.

1. David Emm, senior security researcher at Kaspersky Lab

"While the majority of mobile malware targets victims running Android, this incident highlights the fact that iOS isn’t immune to malware.

"Apple’s ‘walled garden’ approach does make it harder for cybercriminals to compromise apps, but if something does slip through the net, as in this case, there’s no protection available because Apple doesn’t provide third-party developers with the means to develop anti-malware protection for iOS.

2. Piers Wilson, head of product management at Huntsman Security

"The success of the attack on Apple’s App Store was another reminder that not all attacks are new hacking techniques or ultra-sophisticated malware, but often just exploit human nature.

"One of the best ways of addressing threats like this is to monitor employee and system behaviour for any abnormal or suspicious activity that could indicate problems early, before damage is done.

"For example, as in the case of the attack on the App Store, being able to identify that employee devices were transmitting data in a suspicious way or to unknown or hacker-affiliated systems could provide an early warning to security teams that data leakage (whether caused by rogue/compromised apps or otherwise) was visible.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

"Traditional security systems, especially those based on an assumption that the internal environment is in a known and trusted state, simply can’t provide this capability – a new, next-generation approach is needed."

3. Thomas Reed, director of mac offerings at Malwarebytes

"This is easily the largest App Store breach in history. There is little doubt that there will be some revision of the app review process at Apple as a result, but it’s also certain that this incident will erode consumer confidence in the App Store as a (mostly) unassailable malware-free fortress

"Worse, there was really no way to tell that these apps were infected. Perfectly respectable, legitimate apps turned out to be infected. It’s hard for any user to be on guard against this kind of malware."

4. John Smith, principal solutions architect at Veracode

"In recent years it has seemed that the problem of Mobile Malware was bigger for Android than for iOS. The more rigorous testing regime required before an iOS app can be published has always been considered to be the reason for this difference, but in this case it seems to have fallen short.

"One very interesting aspect of this incident is that that the developers of the apps had no knowledge that their own code was being used to carry malware – it was the modified development environment (Xcode) that introduced the payload."

5. Steve Nice, chief technologist at Node4

"Organisations can protect themselves by having a device which filters internet traffic before it reaches the internal network. These devices could be called firewalls, proxys, web filters, IDS or UTMs. They must be updated daily, if not hourly, and will be able to detect and block malicious scripts.

The most important thing that all business should bear in mind is they need to use best practices regardless of the system they use. Businesses need to assume they will be hacked by default. The threat landscape is ever evolving and end users have to be able to trust technology companies."

However, some developers are not so worried about the implications of the hack. Olly Berry, head of iOs at developer Mubaloo, said

"The fact that this is a very isolated incident, affecting a reported 36 apps, shows that it’s not necessarily as big a deal as it’s being reported to be. In this case, the damage that can be done is still relatively limited as the malware can’t read any sensitive data and the issue has been resolved.

"In the grand scheme of Malware, if this is the worst the hackers were able to do, it shows that Apple is actually doing a good job. It will also reinforce that developers should be using the official tools."

The incident comes as President Obama travels to China for meetings, with cyber security high on the agenda.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.