In an attempt to preempt the growing menace of ransomware, Google has published a blog on Android security measures, and actions that users can take to protect themselves from potential ransomware attacks. Some of these measures are available on Android 7.0 Nougat, which Google is rolling out to the larger Android device ecosystem, while others have been part of the operating system since Android Jellybean.
In the blog post, Google Senior Program Manager for Android Security Jason Woloz first talks about “safety blinders” that prevent an app from seeing what other apps are active on the device.
“That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.”
Another point of attack that Google has addressed in Android 7.0 Nougat is the lock screen feature. To prevent attackers from exploiting user permission settings and changing the lockscreen PIN, Google has tweaked it and made it more secure.
The lockscreen method of attack is not uncommon, with bad actors typically using ransomware to lock the device and demand a ransom for unlocking it.
Yet another safety feature is intended to prevent clickjacking, where the attacker tricks the users into granting app permissions that they never intended to grant in the first place.
One of the more important measures Google has implemented in Android 7.0 Nougat is application sandboxing, where apps operate independently of each other. This can prevent malicious apps from viewing data stored in other apps, such as Contacts, for example.
Woloz also highlighted several things that users can do to keep their Android devices secure. One of these is to only download apps from Play Store or other trusted third-party sources. The percentage of ransomware tools in Google Play has been minuscule since 2015 – about 0.00001 percent compared to third-party sources, which averaged 0.01 percent.
“That’s less than the odds of getting struck by lightning twice in your lifetime,” says Woloz.
Android also comes with Verify Apps, a tool that scans all third-party apps before and after app installation. Woloz urges users to enable the feature, which can be done via Settings > Security > Verify apps.
Although ransomware is extremely rare on Android, per Woloz, Google has implemented all of these features to protect Android users from potential attacks.
There’s no doubt that ransomware attacks are on the rise. Look at this spike in global mentions with ransomware over time:
The problem is a global one, and it is not restricted to mobile devices or consumers. It affects large organizations as much as individual users, and desktop devices as much as mobile devices like smartphones and tablets.
It is significant that Google has disclosed these measures to assure Android users that they are relatively safe from ransomware attacks – ‘relatively’ being the operative word. Nobody is 100% safe from malware attacks, and all you can do is follow best practices to keep yourself and your device as safe as possible – and keep your software up-to-date at all times.
Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.