Businesses allocate a lot of resources to making sure that their systems are secure. For example, they could have a dedicated security operations centre along with firewalls, SIEM and identity management solutions for cybersecurity. For operating systems, enterprises have anti-malware solutions installed on the devices themselves. But what about the inherent nature of a specific OS? Are Macs more secure against hackers than Windows devices? In this article, we take a look at the various factors that determine the cybersecurity posture of each operating system.
So, we have three leading OSs in the world. First is Windows, the most widely used OS, particularly in the enterprise space. Then we have macOS, the Unix-based OS used in Apple’s computers. Finally, there is the open-source Linux (and associated distributions), used scarcely by a select group of people for niche applications.
According to experts, the reason why Windows is considered less secure than competing operating systems is not a lack of security standards and innovation from Microsoft, but its large attack surface and predominant use in enterprises. The number of people who use Windows is massive, and because of this, hackers around the globe target the operating system more than the other ones.
The majority of new malware is therefore designed specifically with Windows in mind. On the technical side, Windows is equally, if not more, secure than other operating systems. In fact, the security engineering of the Windows operating system at Microsoft has rolled out significant innovations in the last few years to tackle cybersecurity issues. It has even deployed ML models to scan for potential threats continuously and has the biggest malware signature database.
But hackers persistently leverage any potential or unpatched vulnerabilities of the operating system for their nefarious ends. So the Windows operating system does not come with inherent flaws that make it more vulnerable than other platforms. It’s just that malicious hackers will try to target Windows over Linux or macOS because of the higher probability of successful attacks, given the attack surface and the number of users.
Microsoft has also taken a very proactive stance of rolling out regular Windows updates so that any vulnerabilities can be patched quickly. Windows comes with anti-malware software by default, which is very capable of detecting all kinds of malware with the help of things like signatures, YARA rules and reputation checks, even though it will not safeguard the organisation against more advanced attacks.
In addition to this, Windows also has a sandbox installed in its stores, which safeguards a PC from threats which other security systems may have missed. Also, Windows makes use of code signing checks, which leads to less data tampering. On a Windows device, code signing is done both at the time of installation and the first run of an application.
Mac OS has a reputation for being secure by default. But that mostly means that it does not run several network services out of the box which can be attacked. The Apple T2 Security Chip, embedded in many newer Mac models, keeps Mac OS safer than ever. The Secure Enclave coprocessor in the Apple T2 chip provides the foundation for Touch ID, secure boot, FileVault, and encrypted storage capabilities. By default, the T2 chip also obstructs free and open-source software from loading up. macOS system security encompasses the boot-up process, software updates and the ongoing operation of the OS.
Macs face fewer viruses compared to the Microsoft Windows operating system. That does not mean macOS is free of malware, and we see vulnerabilities found in the OS from time to time. PCs have been more popular, with the number of Windows systems connecting to the web far exceeding that of Macintosh or Linux systems. The result has been an influx of cyber attacks targeted at PC users and the Windows operating system. But now the times are changing: Mac OS X’s market share is about 10%, and therefore cybercriminals are taking notice and beginning to set their sights on the Apple operating system.
System Integrity Protection (SIP) is a security feature of Apple’s macOS operating system introduced in OS X El Capitan in 2015. It consists of many mechanisms which are enforced by the kernel. This protects against modifications by processes without a particular entitlement, even when executed by the root user or a user with root privileges.
Linux is entirely open-source, unlike other operating systems, meaning one literally has thousands of people around the globe tearing apart the Linux source code on a daily basis. The open-source community looks for every single security vulnerability and then issues a security patch for it. The more people you get to look and review your code, the better. On the contrary, when you only have a select team of people (as with Windows and macOS) to review code, you’re definitely going to run into some significant issues, and you will have far more vulnerabilities than the global crowd-sourced one.
A lot of industry experts say that Linux could be safer than both Windows and macOS. Linux has advanced options to sandbox any process, which is the reason why some analysts and users view Linux as more secure than Windows and macOS. Linux implements various aspects of security that are intended to complement each other. Instead of looking at anti-malware or firewalls, Linux recognises that permissions solve 99% of the issues in cybersecurity.
For example, Fedora is a Linux distribution from the community-driven Fedora Project, which is sponsored by Red Hat. Fedora applies Security-Enhanced Linux by default, which implements a variety of security policies, including mandatory access controls, which Fedora embraced early on. Fedora provides a hardening wrapper and does security hardening for all of its packages by applying compiler features like position-independent executable (PIE).
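As an added example (not code from Fedora or from this article), the following Python sketch shows how a defender can audit whether a binary was actually built as a PIE by reading its ELF header. It handles only ELF64 little-endian files, the helper `make_elf` and the sample images are constructed for the demonstration, and the PT_INTERP test is a common heuristic rather than Fedora's own check.

```python
import struct

ET_EXEC, ET_DYN = 2, 3          # e_type values from the ELF specification
PT_INTERP = 3                   # program header naming the dynamic loader
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 file header, little-endian
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header

def classify_pie(data: bytes) -> str:
    """Classify an ELF64 image as 'pie', 'non-pie' or 'shared-object-or-static-pie'."""
    if len(data) < EHDR.size or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    fields = EHDR.unpack_from(data)
    e_type, e_phoff, e_phentsize, e_phnum = fields[1], fields[5], fields[9], fields[10]
    if e_type == ET_EXEC:
        return "non-pie"        # fixed load address: ASLR cannot move the main image
    if e_type != ET_DYN:
        raise ValueError("not an executable or shared object")
    has_interp = False
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + PHDR.size > len(data):
            raise ValueError("truncated program header table")
        if PHDR.unpack_from(data, off)[0] == PT_INTERP:
            has_interp = True
    # Heuristic: a relocatable image that requests a dynamic loader is treated
    # as a PIE executable; without one it is a library or a static PIE.
    return "pie" if has_interp else "shared-object-or-static-pie"

def make_elf(e_type: int, p_types: list) -> bytes:
    """Build a constructed, header-only ELF64 image for the demo (not a runnable binary)."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = EHDR.pack(ident, e_type, 0x3E, 1, 0, EHDR.size, 0, 0,
                    EHDR.size, PHDR.size, len(p_types), 0, 0, 0)
    return hdr + b"".join(PHDR.pack(t, 0, 0, 0, 0, 0, 0, 0) for t in p_types)

if __name__ == "__main__":
    for name, img in [("hardened", make_elf(ET_DYN, [PT_INTERP, 1])),
                      ("legacy", make_elf(ET_EXEC, [PT_INTERP, 1]))]:
        print(name, classify_pie(img))
```

To audit a real system, pass the bytes of a file on disk to `classify_pie` and flag any result of `non-pie` among network-facing or setuid programs.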
Contrary to certain beliefs, the open-source nature of Linux helps spot security flaws and patch them very quickly, thanks to its collaborative nature. On the other hand, many add-on security measures are missing on Linux, like code signing and sandboxing. Due to its free, open-source use, as well as small security support, Linux is not very much trusted by some. According to some organisations, open-source isn’t secure because people can get to that source code, and this is just not the right logic today. In fact, many companies use Linux operating systems like Red Hat Enterprise Linux, which is specifically hardened for data security.
Worldwide, just over three-quarters of desktop computers run some variant of Microsoft Windows, with Mac OS 10 a very distant second at just over 10% market share. Windows and Mac OS are very different operating systems in terms of their underlying code, with modern versions of Windows based on the Windows NT kernel and Mac OS instead based on UNIX.
If one looks at vulnerabilities in Mac, Windows, Linux or really any operating system, the picture is very similar. Building an operating system is a very hard task, and therefore all of them have similar kinds of vulnerabilities. So technically Mac is not particularly more secure than Windows. But the bigger issue is what attackers are targeting. If an attacker is trying to target as many people as possible, they are not going to go after a smaller install base (macOS or Linux).
There isn’t anything specific about Mac OS that makes it inherently more secure. Instead, the differences between Windows, Mac OS and Linux mean that malware often has to be coded separately for each platform. So a Mac isn’t necessarily more difficult to attack or less vulnerable than a Windows PC.
Hackers go after the OS with the biggest install base, i.e. Windows. Therefore most malicious software only works on a Windows system. This means that if someone is running a Mac at home and accidentally clicks on a malicious email link, the malware probably won’t run because it’s only meant to run on a Windows system. That doesn’t mean that there aren’t any macOS attacks out there, but it’s rare. So the bottom line is that yes, Macs are more secure than Windows systems, but probably not for the reasons people think they are.
The good news is that Microsoft and Apple have developed pretty comprehensive ways of securing users’ systems, and while neither of them is by any means perfect, both companies invest plenty of resources into finding and patching vulnerabilities, usually in a pretty timely manner.
Also, hackers don’t particularly target Linux due to its low usage among business users. Compared to Windows and macOS, it has the smallest market share, at less than 5% of the OS market. Now, the good thing is that Linux does not give its users admin access by default and therefore limits the damage that users can do by clicking on links that could be malicious. It’s considered that Linux has more people working to spot vulnerabilities in the platform, enabling them to catch any threat sooner than the rivals.
Each OS has its own pros and cons. There are differences amongst the OSs when it comes to crucial security traits such as built-in anti-malware tools, sandboxing, system protection and code signing. It’s up to an organisation or an individual to make an informed choice about picking the operating system platform which aligns better with their security goals.