Ransomware is a word that has virtually taken around 2 million computers hostage across 150 countries since last week. The global mess it caused left Android users wondering whether Android devices are safe from Ransomware attack or not. Here we are going to discuss the possibilities of whether Android is vulnerable to Ransomware or not. We have also listed some security measures for the same.
What is Ransomware?
Ransomware is a malware that restricts user’s access to their systems by encrypting the data and then hackers demand ransom payments to decrypt the files. It spreads over a network of computers having security exploits. The Recent WannaCry outbreak is an example of Ransomware.
With that said, still, the question remains whether the Android devices are safe from Ransomware attack or not?
Can Ransomware Affect Android devices?
Android devices might also get affected by Ransomware. But cyber security experts say the following:
- Ransomware mostly targets systems on a server.
- Major targets are top govt and non-govt organizations which are more likely to pay a high amount of ransom.
- Seems like hackers are more interested in crucial and confidential files.
According to cyber security expert Jacob Osborn,
more likely commercial and enterprise machines are going to pay bitcoins to get their valuable data files back.But with Android, you’re talking about people, which is much more unlikely that you’ll get $300 out of a teen that needs their phone back.
It is highly unlikely for Android devices to get hit by Ransomware, but we cannot entirely ignore the possibilities of such malware attacks.
Security measures followed by Google to safeguard Android from Ransomware
In Android platform,
- Ransomware presents itself as an App that restricts user’s access to the device.
- It will encrypt data on the device’s external storage.
- Then demand ransom payment to decrypt the data.
But Google is very concerned about its apps and user communities. So it follows these strict guidelines to ensure total security from malware activities.
Google Play policies Against Ransomware Apps
Google policies listed below:
- Google Play strictly prohibit apps that contain ransomware.
- It runs safety check on apps before they are downloaded from the Play Store.
- It checks your device for Potentially Harmful Apps(PHAs).
- If any PHA gets detected, it will get promptly removed.
- Google Play Protect periodically scans your device.
- It checks more than 400 million devices and 6 billion apps every day for PHAs.
Another concept used by Google Play is Application Sandboxing
- It forces each app to operate independently of others.
- It limits ransomware/malware’s ability to access sensitive information.
Malware Protection in the new Android 7.0 Nougat
With the release of the new version Android 7.0 Nougat, some striking new security features have been enabled.
* Safety Blinders system stop a malware hosting app from knowing what other Apps are doing, hence preventing the malware attack.
* Setting up a Lock Screen Pin to stop the ransomware from locking you out of your device.
* Prevents users from falling prey to Clickjacking.
Security Measures Android Users Should Follow
Android users should follow these security measures for protection of Android devices from Ransomware
- Download apps from a trusted source, like Google Play Store.
- Install latest security updates on your device.
- Carefully read reviews and other information about apps before installing.
- Check your App’s security status by going to
Google Play Store app> Menu> Play Protect> status of your device.
- Always enable Verify Apps.
- Visit mostly encrypted websites such as AndroidSage. Look for HTTPS protocol in the browser’s address bar.
- While visiting unsecured websites (non-HTTPS), don’t randomly click on any link. It might end up opening a door for a malware.
- Regularly back up your data across cloud storage devices.
Now comes the million dollar question…
What To Do if Your Android Device Gets Affected By Ransomware?
In case Your Android device gets affected by Ransomware or any malware,
1) Try restarting Your device in Safe mode.
- Boot into safe mode.
- Uninstall the suspicious App.
- Reboot your device.
2) Reset your Android device to factory settings
- It will restore the device to its manufacturer settings.
- It will erase all the data present on the device.
- Take a backup of data before doing a factory reset.
- Perform Factory Reset
Therefore, we can say with more efficient technology, there is a need for higher security, to safeguard Android user’s crucial data from cyber criminals. Moreoevr, it should be a joint effort from both Android developers and user’s side as well.
Image Source: Android Authority