Researchers have discovered a common vulnerability in Macs that exploits DEP and MDM platforms.
Apple’s supply chain is one of the most closely monitored and analyzed in the world, but sadly the iconic devices are not immune to all cyber attacks.
According to numerous cybersecurity experts, a brand new Mac can be remotely hacked right out of the box just when it first connects to a Wi-Fi network.
The brand new hacks only target enterprise devices that use Apple’s device enrollment program (DEP) and its Mobile Device Management (MDM) platform.
According to the report, these two tools, allow corporate users to go through their company’s customized IT setup by themselves, regardless of their physical location.
MDM and DEP programs allow companies to ship Macs to their employees directly; the devices will automatically join the corporate ecosystem after they connect to Wi-Fi.
In theory, the programs represent a big feature for the companies but in reality, it is not so good for them because both processes are affected by a dangerous bug.
Companies and individual people must take certain precautions against this growing phenomenon of cyber attacks; for that they should implement at least a cybersecurity solution, like an antivirus, to protect their systems. Necessary things like regularly updating operating systems, using antivirus for Windows or antivirus for Mac depending on which OS your device is using. Companies must also hire professional cybersecurity firms to do regular checkups to their internal network a couple of times per year. These checkups must always include a penetration test and various ethical hacking test.
Once the DEP and MDM bug is exploited it would give hackers full corporate network remote access.
Soon after the discovery, Apple has been made aware of the issue and it has released a new version of macOS High Sierra to fix the bug.
Keep in mind that devices who are still running an outdated OS will remain vulnerable, to keep them safe please apply the new Apple patch as soon as possible.
The bug appears, when a Mac’s serial number is enrolled in DEP and MDM; after this process is completed, it will automatically run a series of checks with Apple’s servers and the MDM vendor’s servers. During a key step of the process between the MDM web server and the victim’s device, the hacker can use the bug to replace the downloaded manifest with a malicious one that forces the device to install a malware software.
We must say that every device has a significant value that must be protected by at least cybersecurity solution like an antivirus. Depending on which OS your device is running, install an antivirus for Windows or antivirus for Mac for total protection. Companies must take an extra step and hire a professional cybersecurity firm that will run various cybersecurity tests on your company’s network to implement only the best possible cybersecurity solution. Always opt for a package that includes at least a penetration test and ethical hacking test. For companies that exist 100% online, we recommend the using of cyber-secured web hosting services.