More and more organizations are using mobile devices to conduct various business processes, from staying in touch with customers and partners to performing financial transactions. This fact is not lost on cybercriminals — they’re launching ransomware to get into Android devices and hold the data on these devices hostage in exchange for large sums of money. Learn more about mobile ransomware and its risks, as well as some ways by which you can defend against it.
How does mobile ransomware work?
Android users may unwittingly download mobile apps riddled with ransomware from third-party app stores or even legitimate ones such as Google Play Store. Once these apps are installed, the ransomware is launched, locking the device and encrypting the data it contains. The victim may see a ransom note on the screen demanding payment in Bitcoin or some other cryptocurrency in exchange for unlocking the device or the decryption key.
One specific ransomware strain detected in late 2020 locks a mobile device’s screen and prevents the user from dismissing the ransom note, which looks like a message from the police. The note tells the user that they committed a crime and must pay a fine — a technique that cybercriminals have been using to make their victims panic, making the latter more likely to pay up.
What should you do if your Android device is infected?
Just as with ransomware that affects computers, there’s no guarantee that paying the ransom will restore access to the device and/or encrypted data. This is why cybersecurity and law enforcement professionals advise against giving in to cybercriminals’ demands.
Instead, they recommend that you immediately disconnect the infected smartphone or tablet from your business’s Wi-Fi or home network and other devices it’s connected to. This will prevent further infections within your network.
Next, report the incident to your in-house IT staff or managed services provider, who can help you find out what type of ransomware you’re dealing with. They can then figure out the best way to remove the ransomware and help you regain control of your device and everything in it.
How do you protect your business from mobile ransomware?
Remind your employees to download from official app stores only; they should never download from third-party app stores and websites, as well as online forums. Additionally, make sure they turn on Google’s security system, Verify Apps, which scans apps for potential threats before these can be installed. They can do this on their Android devices by going to Settings > Security > Verify Apps, and enabling “Scan device for security threats.”
Also, ensure that all your employees’ mobile devices have antivirus software installed on them, and that it’s always kept up to date.
Finally, back up important files on mobile devices to either a USB drive, a computer, or any cloud-based storage service. This way, your staff won’t lose valuable data if they need to reset their smartphone or tablet.
For more advice on how to protect your business from mobile ransomware and other cyberthreats, get in touch with our experts today.