Can Ransomware affect phones too?

Yes, it can. Everything can be affected. If there’s an OS, they’ll find a way to take an advantage of it. Including ransomware, banking malware or adware. And ransomware is probably the worst of them all. If you’re not sure which device is prone to malware attacks, just check if it has ‘smart’ in its name. If that’s the case, well, you better take a look at what we got to say and learn how to protect from this emerging threat that’s ever-growing phenomena.

Ransomware on smartphones: neo-crime we need to protect ourselves from

Ransomware essentials

First, let us explain what’s ransomware and how it can hurt you. Ransomware is, in some manner, a  modern successor to hijacking. Hackers gain access to your sensitive data and encrypt it or take a complete control of your device. In order to get your data/device back, you need to pay a certain amount of money. Most of the time they demand payments in bitcoins which are harder to track and easier to collect. After you pay, they provide you with the decryption key or password and the exchange ends there. Or does it? You can never be sure. Moreover, if your stolen data is secretive or intimate, they can leak it, which is, for all intents and purposes, horrendous.

This kind of cyber crime is already established as a constant threat in the PC world. You’ve probably have heard about the WannaCry crisis that emerged a few months ago and it struck down a few massive organizations and individuals in more than 150 states. More than 300,000 computers were affected. Including the Healthcare Service in England and telecom giant in Spain.

You can assume on your own what kind of personal patients data can store a Healthcare Service and conclude on your own what are the risks caused by the lack of proper security measures. Microsoft managed to stop it with a timely update, but there’s also a Petya ransomware which is much harder to address due to a better organization. And much more of those might emerge in the incoming months and years, with better organized and conducted cyber attacks.

What about smartphones?

But, we digress, let us get back to smartphones. Can Petya or WannaCry affect phones? It’s hard to say but chances are rather small. Of course, if you keep your hands of suspicious third-party non-trusted apps and update your device on time. However, it seems cyber-criminals are always one step ahead. Advancing and innovating the ways to take an advantage of security loopholes and naive or careless users.

Albeit, as the time pass, we can expect the rise of smartphone ransomware. Firstly, many users sync all devices and, if you want to choose the entry point, the smartphone is an obvious choice.  Smartphones are taking over in many regards, and with the NFC payment technology not being a novelty anymore, your goods are endangered, too. All kind’s of credentials, photos, videos, even messages – everything is up for a grab and, for some random hacker, it translates into one word: monetization.

As one would suspect, Android is much more prone to cyber attacks than iOS. These are the main reasons why the Android suffers in this regard:

  • Outdated OS. Over 33% of Android users are still using Android Lollipop and around 31% is stuck with Marshmallow. These users are still getting security updates but they won’t get upgrades to Android O 8.0, which is, allegedly, going to be a much better-protected OS and will resolve some of the security loopholes that are present even on Nougat.
  • Unaddressed permission. This is kind of continuation of present point. One permission that enables hackers to utilize apps for ransomware and other cyber attacks is still not addressed. And it will be on Android O as promised by Google. This is a notorious ”System Alert Window” permission that enables a certain app to display its content over other apps. Don’t install those apps, except if you’re sure they can be trusted. Like Facebook Messenger, for example, which is horrific performance-wise but it’s indeed a trustworthy app.
  • Lack of security updates. When compared to iOS, Android is a synonym for diversity. It covers dozens of manufacturers and, except for their own models (including Pixel and cooperation handset Nexus series), they’re not really responsible for the security updates management. That’s the responsibility of OEM or carrier. And more times than not, users need to wait for some time to take a hold of those. And once a major update comes, it’s frequently more of a problem than a solution.
  • Open-source nature of Android. Custom ROM, like Lineage, is great for so many reasons. Especially for more advanced users that know they way around the Android platform. However, they are slightly more prone to security loopholes. On the other hand, due to open-source nature of the system, it’s easier for hackers to create and push malware in the form of non-store apps.

How to protect

That doesn’t mean  iOS can’t suffer from cyber attacks. It can. But due to the exclusivity of iOS, it’s harder to create and push malware. Especially trough Apple Store. Now, once we identified the threat, we can provide you with ways to protect your phone from this uprising menace.

  • Install OS updates whenever prompted. 

Even though the hackers are seemingly always one step ahead, that doesn’t mean  you should give up on updates. They save your skin more times than not. It’s highly advised to always have the latest available OS version installed and that’s, among the other things, the essential way to protect yourself from ransomware.

  • Don’t install apps from unofficial third-party sites. 

At least, if you can’t be 100% sure that’s the safe app to use. Of course, you can make an exception, especially if the developer offers an open code and it’s appropriately checked by multiple users. For example, XDA is a third-party site you have no reason to doubt. But, always keep the eyes open. Better safe than sorry.

  • Antivirus won’t help you. It’s a well-marketed lie.

Antivirus for a smartphone can be useful, don’t get us wrong. But its role lies more in secondary tools than in a protection itself. If you ask us, you can get any third-party antivirus. But don’t rely on it to protect you and then drop your guard. In other terms, most of the devices offer built-in tools for protection and advanced control, so we question a need to obtain the paid tool.

  • Don’t open suspicious links.

Starting from in-app ads that pop up all the time, and leading to email and website links: don’t click everything. Or rather, install the ad blocking extension of some kind. Developers of freeware software earn their money with ads, but no one can guarantee what are those and what’s behind them.

  • Restrict permissions.

Yes, you can manually disable every permission you initially enabled. However, how many of you read the permission prompt before the app is installed? We can surely say – not many. For that purpose, it highly advised to navigate to Apps (especially on Android) and disable permissions that might seem unreasonable for certain app. You can easily enable them again in-app when it’s needed.

  • Backup your data timely.

Data backup is another essential procedure that should be a routine. And for so many reasons. You can destroy your phone, lose it,  get it stolen, or infected by malware. And your data will be always reachable. If you backup everything, you can, later on, restore your phone to old settings. Not to mention the unique memorabilia, like photos or videos. Backup frequently! In addition, watch the content you’re storing on your phone. If something is intimate, transfer it to PC and encrypt it.

  • In case you’re already trapped, don’t pay.

If you follow the previous step and you get yourself under the will of cyber-criminals, they can’t do you a thing. On the other hand, even if you’re in a hopeless scenario, you can still refuse to pay. Why the hell would I do that, you might ask. Well, because no one guarantees your data won’t be used in some malicious manner. In addition, every time they get paid for their notorious work, they are motivated to continue. Act with caution and don’t negotiate with criminals.

Conclusion

With that, we’re done. We hope this brought you closer the hazards behind ransomware and encouraged you to watch out your steps. Even its presence is limited in comparison to PC ransomware, smartphone ransomware is a cyber crime in its infancy. But once it grows, it can grow huge.

What’s your opinion on the subject? Don’t forget to tell us in the comments section below.


Read Next : »

Leave a Reply

Your email address will not be published. Required fields are marked *