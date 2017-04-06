F-Secure buys Little Flocker to combat macOS ransomware

Little Flocker enforces low-level access control to files and other sensitive resources like the webcam and microphone

Romania Correspondent, IDG News Service |

OS X El Capitan installation
Credit: Martyn Williams
Related

With attacks against Mac users growing in number and sophistication, endpoint security vendor F-Secure has decided to acquire Little Flocker, a macOS application that provides behavior-based protection against ransomware and other malicious programs.

Little Flocker can be used to enforce strict access controls to a Mac's files and directories as well as its webcam, microphone and other resources. It's particularly effective against ransomware, spyware, computer Trojans and other malicious programs that attempt to steal, encrypt or destroy files.

F-Secure plans to integrate Little Flocker, which it calls "the most advanced security technology available for Macs," into its new Xfence technology. Xfence is designed to  add behavioral-based protection to its existing endpoint security products for macOS.

Little Flocker was developed by iOS forensics expert Jonathan Zdziarski. In March, Zdziarski announced that he had accepted a position with Apple’s Security Engineering and Architecture team, which might explain why he decided to sell his project.

While Macs have historically been targeted less than PCs by attackers, that has begun to change in recent years. That's because MacBooks are preferred by many senior-level company executives, developers and other groups of users that are considered high-value targets for both cybercriminal and cyberespionage groups.

Recently leaked documents that allegedly belong to the CIA show that its cyberoperations division has a great interest in MacBooks. The agency has developed low-level firmware implants and espionage software for Apple computers.

Cybercriminals are also targeting Macs. Several Windows Trojan programs  have been ported to macOS and last year also saw the discovery of the first file-encrypting ransomware for the platform.

Little Flocker integrates with macOS at a low level and cannot be easily disabled by malware. It allows users to specify which applications have access to which files or directories. Since it provides real-time protection against unauthorized access to data it can be highly effective at stopping ransomware, which typically attempts to encrypt a large number of files.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Lucian Constantin is an IDG News Service correspondent. He writes about information security, privacy, and data protection.

Must read: 10 new UI features coming to Windows 10
You Might Like
Don't Miss
killer raspberry pi projects 1
10 more killer Raspberry Pi projects (Collection 2)

In the last installment of Killer Raspberry Pi Projects, the focus was on projects that produced a...

paris tuileries garden facepalm statue
IoT garage door opener disabled over bad review, then re-enabled after backlash

Garadget, maker of an IoT garage door opener, disabled a customer's door opener over a bad review, then...

free tech software storage
18 free cloud storage options

A review of 18 companies that offer free cloud storage

Resources
Top Stories
internet of things
4 reasons Cisco’s IoT forecast is right, and 2 why it’s wrong

Optimisim grows for Cisco’s forecast of there being 50 billion IoT devices by 2020.

hpe chelsea piers HP
How HPE plans to spin out its software assets

HPE Software’s Chris Hsu, who will soon become CEO of Micro Focus, explains how HPE’s latest strategic...

cloud data warehouse
How to get the most out of data, services in a multi-cloud world

The reality for the vast majority of enterprises is that their IT, and thus their data and services,...

phone picture conference
Protecting the enterprise against mobile threats

Mobile devices have transformed the digital enterprise allowing employees to access the information...