Report finds macOS fares worse than Windows and Linux at preventing cyber attacks

A worrying number of environments are vulnerable to complete takeover via escalated privileges, a new report from Picus Security has found.

Environments were tested in simulated attacks, and the average organization defended against 7 out of 10 attacks across all vectors, such as email, web application and endpoint attacks. Considering the constant threat presented by organized cybercrime groups, this leaves a serious margin for potential intrusion.

Out of all the attacks simulated, over half (56%) were logged by firewalls, while just 12% triggered an alert.

Organizations at risk of takeover

Full environment takeovers occur when an attacker can escalate their privileges to an administrator level, giving them access to move throughout systems and networks to steal data, install malware and much more. Picus was able to achieve domain admin access in 40% of the IT environments it tested.

When it comes to which operating systems were most successful at keeping out Picus' endpoint attacks, Linux took the gold, keeping out 65%, closely followed by Windows at 62%. macOS kept out just 23% of attempted attacks, which the report attributes to a "potential gap in endpoint security controls on modern macOS environments."

“While we have found Macs are less vulnerable to start, the reality today is that security teams are not putting adequate resources into securing macOS systems,” said Volkan Ertürk, Picus Security Co-Founder and CTO. 

“Our recent Blue Report research shows that security teams need to validate their macOS systems to surface configuration issues. Threat repositories, like the Picus Threat Library, are armed with the latest and most prominent macOS specific threats to help organizations streamline their validation and mitigation efforts,” Ertürk concluded.

Many environments were also at risk from a lack of best practices, with 25% of companies using common language passwords, which can easily be brute-forced or decrypted into cleartext credentials. Moreover, just 9% of data exfiltration techniques were prevented by the tested organizations, with BlackByte being the most challenging group for organizations to defend against (17%), followed by BabLock (20%) and Hive (30%).

“Like a cascade of falling dominoes that starts with a single push, small gaps in cybersecurity can lead to big breaches,” said Dr. Suleyman Ozarslan, Picus co-founder and VP of Picus Labs.

“It’s clear that organizations are still experiencing challenges when it comes to threat exposure management and balancing priorities. Small gaps that lead to attackers obtaining domain admin access are not isolated incidents, they are widespread. Last year, the attack on MGM used domain admin privileges and super admin accounts. It stopped slot machines, shut down virtually all systems, and blocked a multi-billion-dollar company from doing business for days,” Ozarslan said.

Benedict Collins
Staff Writer (Security)
