- The everyday risk of viruses on the iPhone is virtually zero, thanks to its “walled-garden” approach to software and services running on the iOS platform.
- There are simple precautions you can take to protect yourself that include keeping your iPhone software up to date and using strong passwords.
- Users should be on guard from all kinds of security risks, not just viruses.
Viruses and other kinds of malicious software – collectively known as malware – hang like a dark cloud over the world of technology.
Security experts warn about the risk of malware on PCs and Macs, and most people run some kind of antivirus software on their desktop or laptop for protection.
But what about iPhones? Are they also at risk? Here’s what you need to know.
In general, there’s little to no risk
In short, no. For the vast majority of everyday users, there’s virtually no risk of viruses on the iPhone. “In the consumer space, there is so little risk as to be none,” said Marc Rogers, executive director of cybersecurity at Okta. Rogers was the white hat hacker who was one of the first to hack Apple’s Touch ID, and he is one of the technical advisors for the TV show, “Mr. Robot.”
Amit Serper, the head of security research at Cybereason, agrees. He said the low risk is a consequence of the fact that “Apple has a very closed security model for their iOS that takes a walled garden approach.”
The so-called walled garden, another term for Apple’s approach to requiring third-party apps and services to be specifically approved and vetted through the App Store, effectively prevents malware from taking control of the entire phone. Another factor working to the iPhone’s advantage: “Apple has avoided OS fragmentation which is the curse of Android,” Rogers said.
Android is a much more fertile environment for malware because there are so many versions of the OS in the wild, and it’s the carriers – not Google – that get to decide when or even if the operating system is patched with security updates on specific model phones. In contrast, Apple device owners update their operating system software far more frequently, and Apple doesn’t have to deal with the same amount of OS fragmentation found within the Android ecosystem.
No device is invulnerable
That said, a more thorough answer to the question of whether iPhones can get viruses is that “it depends,” though the number of potential viruses that could affect an iOS-based device is minuscule compared to the tens if not hundreds of thousands of known viruses for PCs.
Still, there are active threats in the wild today. As Rogers explained, the economic value of these exploits is so great that they are generally only leveraged by nation states against very high-value targets.
“It’s no surprise that nation states have been looking for ways to crack mobile devices for years,” Rogers said. “You’ll remember that after the San Bernardino shooting, Apple refused to open devices. It was a testament to Apple’s security, but it also meant that governments had to come up with their own way in.”
You should take sensible precautions
Though the risk to everyday users is quite low, you should still take sensible precautions – and thankfully, it requires almost no effort.
It should go without saying, but do not “jailbreak” your phone. Jailbreaking is an unauthorized change to iOS that allows you to install apps that aren’t found in the official Apple App Store.
But moreover, the best defense against malware is to “keep your iPhone updated to the latest version,” Serper said. To make sure you have the most current OS update installed, do this:
- Open the Settings app and tap “General.”
- Tap “Software Update.”
- Make sure “Automatic Updates” is turned on.
- If there is an update available, install it. If there’s no update available, it’ll say that your software is up to date.
Rogers had some other tips for avoiding malware: “Set strong passwords on your phone and online services. Only install apps you trust, and don’t click on unknown links in email.”
The future of iPhone malware
It’s reasonable to assume that Apple will continue to update iOS as hackers play cat and mouse with newly discovered vulnerabilities. Steve Grobman, chief technical officer at antivirus company McAfee, said you should also be aware of other risks, like social exploits – in which criminals pose as a business to get you to reveal passwords and other personal information. This could be done over the phone or via email, which commonly referred to as a “phishing.”
“Malware is just one of many security concerns for mobile devices,” Grobman said. “iOS had a significant Bluetooth vulnerability in 2018, and we recently saw security problem with FaceTime. Cybercriminals have even set up rogue Wi-fi networks in public places. Viruses are just one way in.” (Apple has since fixed the vulnerability found in group FaceTime calls.)
If you take simple precautions and stay vigilant, you should be safe. But as Serper said, “I’m not a fan of the popular narrative that iPhone are impervious to malware. Anything with a CPU is vulnerable.”