Not long after its CEO claimed that Apple was a decade behind Microsoft in terms of security, Kaspersky Lab has revealed that it's now working with Apple to investigate OS X security concerns. "Apple recently invited us to improve its security," CTO Nikolai Grebennikov told Computing. "We've begun an analysis of its vulnerabilities, and the malware targeting it." Grebennikov cites the recent Flashback trojan, which affected over 600,000 Mac users, as proof that "Apple's security model isn't perfect." He also believes that within the next year we could see the first instance of malware on iOS. Of course, while Grebennikov's assessment may be correct, it's also important to note that his company sells anti-virus software, and thus has quite a bit to gain from raising security concerns. Apple will also be introducing a new security feature called Gatekeeper when it launches Mountain Lion later this summer, which should address some of these issues by making it easier to only install certified apps that are free of malware.
Update: Kaspersky Labs is saying that Computing took its statements out of context. According to a statement, CTO Nikolai Grebennikov says that this security analysis of Mac OS X was conducted independently of Apple," but goes on to note that Apple is "open to collaborating with us" regarding what Kaspersky Labs found during its study. The full statement from Grebennikov is below.
On Monday, April 14, Computing.co.uk published an article titled “Apple OS ‘really vulnerable’ claims Kaspersky Lab CTO” that includes an inaccurate quote regarding Apple and Kaspersky Lab. The article reports that Kaspersky Lab had “begun the process of analysing the Mac OS platform at Apple's request” to identify vulnerabilities. This statement was taken out of context by the magazine – Apple did not invite or solicit Kaspersky Lab’s assistance in analyzing the Mac OS X platform. Kaspersky Lab has contacted Computing.co.uk to correct its article.
The following statement from Nikolay Grebennikov, Chief Technology Officer, Kaspersky Lab, clarifies this misrepresentation:
“As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods. In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware.
This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis.
Kaspersky Lab is committed to providing the highest level of security for all of our customers, including Mac OS X, and we will continue to enhance our technologies in order to meet the ever-changing threat landscape.”
Nathan Ingraham contributed to this report.