How to Protect Your Business From Mac Ransomware

Windows users are often targeted by ransomware attacks. For example, in 2017, WannaCry and Petya ransomware infected hundreds of thousands of Windows PCs around the world. Unfortunately, ransomware strains that specifically target Macs are expected to grow in number as well. Follow these security best practices if you have a Mac to avoid infection.

Ransomware is malicious software that encrypts files on computers until a ransom is paid by victims. Typically, attackers threaten to release the encrypted contents to the public or destroy the sensitive data if victims don’t pay them within a specific time frame. Organizations in healthcare and finance, particularly, are more likely to be willing to pay ransoms because they're usually worth a lot of money, and they don't want to risk losing access to their important data.

Mac ransomware is just another type of ransomware targeting Macs. Like other types of malware, ransomware is often distributed through phishing emails.

KeRanger ransomware was first discovered in 2016 when it was found to be spread via the popular BitTorrent application Transmission. KeRanger was able to bypass Apple’s built-in security measures by using an authorized security certificate. It infected more than 7,000 Macintosh computers.

Meanwhile, the Mac ransomware strain Patcher was discovered in 2017. It disguised itself as an app that could repair damaged files in programs like Microsoft Word. When launched, Patcher would encrypt files in user folders and demand a Bitcoin payment. However, the ransomware was badly written, so there was no easy way to recover the decryption keys once the ransom had been paid.

Ransomware became a big problem for companies in 2019 when EvilQuest ransomware encrypted their files and forced them to pay a Bitcoin ransom. Like Patcher, however, even though there was no decryption code, there was no way for those who paid the ransom to get their files back.

Ransomware attacks like these can come back at any time, so you need to prepare for them.

Preventive measures are usually the best way to keep Macs safe from malware. You install apps only from the official App Store and keep up with the latest software updates to protect yourself against new threats.

Be careful when clicking on links and downloading files from unknown sources. These could be malicious and lead to malware infections. Be vigilant even when an email seems to come from a legitimate source or someone you know.

You need to back up your files regularly and have a disaster recovery strategy in place to ensure that your business continues to function if ransomware successfully infects your systems.

If your Mac is encrypted by ransomware, don't pay the ransom fee, because there's no guarantee that the hackers will decrypt your files and release them. Instead, use updated anti-virus software to remove ransomware from your PC. If you're infected by ransomware, there are also free decryption tools online that can help you remove the infection.

If these tools don’t work, contain the spread by disconnecting from the internet. Afterwards, run data recovery procedures, and then seek the help of our security experts. We stay up to date with the latest Mac security threats so we can help protect your business from them.