Ransomware is a particularly nasty class of malicious software. Unlike a destructive virus or piece of malware that eradicates data entirely, ransomware attacks victims psychologically with the hope that their precious files can be recovered… if you’re willing to pay for it.
Many of the top digital security firms in the world have been waging war on ransomware since day one. As Jason Woloz, a senior program manager with Google’s Android Security team, explains in a recent blog post, Google is no exception.
Google has long had protections from ransomware in Android and although the issue has become more prevalent with time, infections on mobile devices are still quite rare. Woloz notes that since 2015, less than 0.00001 percent of ransomware installations originated from Google Play and less than 0.01 percent of installations from sources other than Google Play were categorized as ransomware.
Woloz says that’s less than the odds of getting struck by lightning twice in your lifetime.
Google’s fight against ransomware involves a couple of key components including Application Sandboxing which forces apps to operate independently of others and Verify Apps, the security system that analyzes apps before installation and regularly checks in with both devices and apps for PHAs (Potentially Harmful Applications).
With Android 7.0 Nougat, Google is further bolstering its fight against ransomware. A few of the upcoming additions and changes are outlined below.
- Safety blinders: Apps can no longer see which other apps are active. That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.
- Even stronger locks: If you set a lockscreen PIN prior to installing ransomware, ransomware can’t misuse your device’s permissions to change your PIN and lock you out.
- Whacking clickjacking: “Clickjacking” tricks people into clicking something, often by obscuring permission dialogs behind other windows. You’re now protected from ransomware attacks that use this tactic to sneakily gain control of a device.
Woloz also provides the following steps you can do to help keep your device safe:
- Only download apps from a trustworthy source, such as Google Play.
- Ensure Verify Apps is enabled.
- Install security updates and always ensure your device is updated to the latest version to get the best security protection.
- Back up your device.
- Be cautious. Take a moment to read reviews and other information about apps before installing, to make sure you download the app you’re looking for.
Even if you do everything “right,” it’s still possible that ransomware could find its way to your device. If that happens, Google recommends first trying to boot into safe mode and uninstalling any recent apps you may have installed. Should that not work, you can try performing a factory reset although this should probably be your last resort (especially if you don’t have your files backed up).
Lead image via Palto, Shutterstock