Story image

Google committed to keeping ransomware away from Android

09 May 2017

Have you ever wondered how Google protects Android and Google Play from malware and ransomware? It turns out that ransomware - on Android at least - is rare, but it does strike.

Jason Woloz, senior program manager of Android Security released a blog in March, in which it showed how ransomware strikes, what it does and why Android Nougat users are supposedly safe.

Woloz says that since 2015, fewer than 0.00001% of apps on the Google Play store and less than .01% of apps elsewhere were ransomware. While those statistics may seems small, ransomware does get through.

When ransomware strikes Android, it either restricts access to the device and then demands payment to regain access; or encrypts the external storage and then demands payment to decrypt that data.

Woloz says that Android's ‘Verify Apps’ system analyses all apps before they are installed. It also checks more than 400 devices and 6 billion apps every day for anything that looks suspicious.

It also uses ‘Application Sandboxing’ to make each app run independently. 

They also “require apps to mutually consent to sharing data, a protection which limits ransomware’s ability to access sensitive information like a contact list from another app,” Google says.

Woloz claims that Android 7.0 Nougat has better ransomware defences, including safety blinders that stop apps from seeing what others are doing; better lockscreen defences so ransomware can’t lock users out; and better protection against ‘clickjacking’.

The best protection is prevention, however. Google recommends that users download apps from trustworthy sources; install the Verify Apps software is installed; use security solutions; back up device contents; and exercise caution.

But latest protection aside, what do you do if you’ve installed ransomware? Google offers the following tips:

Boot into safe mode. If an app is acting strangely in normal mode but acts fine in safe mode, the issue lies with a third party app. Use safe mode to uninstall the app and then reboot the device.

If that doesn’t work, Google suggests resetting the device to factory settings, also known as a hard reset or device format. This allows you to remove dangerous apps.

“This should be your last resort, but if you’ve backed up your files, resetting your device should be easy. Check with your carrier or device manufacturer for instructions on how to reset your phone,” Woloz says.

Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
SAS partners with NVIDIA on deep learning and computer vision
“By partnering with NVIDIA, we combine our strengths to augment human intelligence and realise the true potential of AI.” 
Why businesses must embrace automation to ensure success
“For many younger workers, the traditional view of a steady job at one company, perhaps for life, simply doesn’t reflect reality."
Dropbox invests in hosting data inside Australia
Global collaboration platform Dropbox has announced it will now host Australian customer files onshore to support its growing base in the country.
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
How Cognata and NVIDIA enable autonomous vehicle simulation
“Cognata and NVIDIA are creating a robust solution that will efficiently and safely accelerate autonomous vehicles’ market entry."