If you have even the vaguest interest in computer security, you’ve probably heard the term ‘backdoor’ used a great deal. But what is a backdoor, what kind of risk does it present and what can you do to protect your Mac? Read on to find out.
What is a backdoor?
In computer security terms, a backdoor is anything that allows the usual authentication process for a computer or other device to be bypassed. It could be deliberately installed by the original programmer — if you’ve seen the 1983 movie WarGames, you’ll remember that Dr. Falken installed a backdoor in the supercomputer system he designed and that it was used by Matthew Broderick’s character to play what he thought was a video game, with almost disastrous consequences. Other backdoors are the result of poor security practices, such as default usernames and passwords that allow access to the whole system. And a third group of backdoors is created by hackers inserting code into a system.
What damage can a backdoor do?
The short answer is: lots. A backdoor gives anyone, including a malicious hacker, access to your Mac. They could use that to steal resources for a nefarious distributed computing project like cryptomining, or steal personal data such as email addresses or even bank and other financial details.
Backdoors can also be used by the authorities to access personal details and messages. This type of backdoor has been in the news a great deal recently due to tech companies refusing to, or being unable to, give law enforcement agencies access to devices and accounts. Some believe that these companies should build backdoors into their networks and devices to allow law enforcement to access data. Others point out that any backdoor is a security risk and that a backdoor built for law enforcement could also be found and used by hackers.
How can I protect my Mac from backdoors?
That depends on where the backdoor is and what kind of backdoor it is. Backdoors that are the result of a deliberate act by the creator of a device, or the result of carelessness by a programmer, are difficult to protect yourself from, since most of the time you won’t even know they are there. Once you discover them, there are steps you can take.
If the backdoor is in your network router, for example, all you can do is wait for the manufacturer to release a patch and make sure you update the router’s firmware as soon as it’s available. In the meantime, consider disconnecting devices from the network when you don’t need them to be online. You could also consider installing a VPN on your router or on your Mac and other devices in order to encrypt data that’s transferred via the router.
Other backdoors, such as those that are the result of code being downloaded to your Mac, are easier to prevent. The first step is to follow the normal common-sense rules for using any laptop online.
1. Don’t click on a link in an email unless you are absolutely certain of where it came from. Some backdoors are installed as a result of email phishing scams.
2. Similarly, don’t respond to warnings in pop-up windows in your browser that tell you your computer is at risk or that you need to update a component such as Adobe Flash. These warnings are scams designed to make you download malware.
Other steps you can take to protect your Mac are:
1. Use Activity Monitor (Applications>Utilities) to monitor network traffic and look for any unusual spikes at times when you haven’t been active online.
2. Consider using the Little Snitch app to monitor which applications and processes are ‘phoning home’ and when.
3. Scan your Mac for malware regularly. You can do this using the malware utility in CleanMyMac X. It compares what it finds on your Mac against CleanMyMac’s regularly updated malware database. If it finds any malware, including malware that may have installed a backdoor, it will offer to remove it.
4. Make sure your Mac’s built-in firewall is switched on and that your router is set up to prevent access to your network from the outside world.
5. Watch out for apps that request access to your microphone or webcam when you don’t expect them to. And watch out for your webcam turning on when you’re not using it.
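The check in steps 1 and 2 can also be done from Terminal. The following is an added example, not part of the original article: it groups established TCP connections by process so that an unfamiliar program talking to the network stands out. The sample lsof output, the process name updaterd and the function names are constructed for illustration.

```shell
#!/bin/sh
# On a Mac, feed the summary live data with:
#   lsof -nP -iTCP -sTCP:ESTABLISHED | summarize_connections

# Constructed sample of lsof output (not captured from a real machine).
sample_lsof() {
cat <<'EOF'
COMMAND   PID USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
Safari    612 alice  45u IPv4 0xa1 0t0 TCP 192.168.1.20:52344->203.0.113.10:443 (ESTABLISHED)
Safari    612 alice  46u IPv4 0xa2 0t0 TCP 192.168.1.20:52345->203.0.113.10:443 (ESTABLISHED)
Mail      700 alice  12u IPv4 0xa3 0t0 TCP 192.168.1.20:52400->198.51.100.7:993 (ESTABLISHED)
updaterd  911 alice   5u IPv4 0xa4 0t0 TCP 192.168.1.20:52510->192.0.2.55:8443 (ESTABLISHED)
EOF
}

# Print "command remote_host remote_port count", one line per unique pair.
summarize_connections() {
  awk '
    $1 == "COMMAND" { next }              # skip the header row
    $NF != "(ESTABLISHED)" { next }       # ignore listeners and closing sockets
    {
      n = split($(NF-1), ends, "->")      # NAME column is local->remote
      if (n != 2) next
      port = ends[2]; sub(/^.*:/, "", port)
      host = ends[2]; sub(/:[0-9]+$/, "", host)
      seen[$1 " " host " " port]++
    }
    END { for (k in seen) print k, seen[k] }
  ' | sort
}

# Print each command with a connection that is not on the allowlist.
# $1 is a space-separated list of process names you expect to be online.
unexpected_commands() {
  summarize_connections | awk -v allow=" $1 " '
    index(allow, " " $1 " ") == 0 && !done[$1]++ { print $1 }
  '
}
```

A process listed by unexpected_commands is not necessarily malicious; it is a prompt to find out what the program is and why it is connecting.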
Backdoors are difficult to guard against because you won’t necessarily know they are there until either they are discovered or they are used to steal data or for some other purpose. However, there are a number of steps you can take to mitigate the risk they present. And for backdoors that are downloaded to your computer using an email phishing scam or a ‘drive-by’ download such as those that pretend to be an important software update, common sense and vigilance will help protect you. If you do think you’ve downloaded malware like a backdoor, you can use CleanMyMac X to scan your Mac and remove it.