Apple becomes latest victim in string of Java-related security incidents

Global technology giant Apple has become the latest organisation to be hit by a cyber security incident, continuing a busy month for vulnerability management and digital security news.

The company released a statement this week explaining that it had identified a number of Mac systems within Apple that had been infected via a Java plug-in related vulnerability in web browsers.

Apple believes that there is no evidence to show any data had been stolen from the organisation's systems, and has explained that it is working with law enforcement in order to identify the source of the malware.

As a precautionary measure, Apple has released a special tool for Mac computers that will automatically scan for the identified malware and remove it if an infection is discovered.

"Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days," reads the statement.

"To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."

According to Reuters, who broke the story on February 19, the attack which affected Apple is directly related to similar incidents which have impacted both Facebook and Twitter in 2013.

Earlier this month, Twitter director of information security Bob Lord confirmed in a blog post that the microblogging site had been breached, in an incident that may have affected upwards of 250,000 users.

That was followed by an announcement from the Facebook Security Team earlier this week confirming that the company had been targeted by malicious cyber criminals.

An anonymous source who had reportedly been 'briefed' on the situation told Reuters that these incidents were the "first really big attack on Macs" and that "Apple has more on its hands than the attack on itself."

These stories have confirmed the fact that all organisations, regardless of size or industry, need to take cyber security and vulnerability management seriously at all times.

Regular security audit evaluations and ethical hacking assessments are some of the best strategies that enterprises can take to ensure they are correctly mitigating the risk of a security breach, so this should be one of the first options considered by organisations both in Australia and abroad.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s