How to keep your android devices protected?

Malware authors are not focusing solely on Windows, in recent years they have shifted their attention to the most dominant mobile operating system, Android, which is used by many businesses smartphones and tablets.

Attackers use various techniques, such as pretending to be antivirus software or disguising their ransom demand as a local law enforcement agency and blocking the device.

So how do I keep my devices protected?

Train your employees

For employees using Android devices, it’s important to be aware of ransomware threats and to take preventive measures. Training is therefore an essential countermeasure.

  • Avoid unofficial or third-party app stores.
  • Before employees download anything from the unofficial store, they should read the reviews by other users. Malicious behaviour is quickly identified by users and comments about it are published directly on the app page.
  • Employees should always check if the permissions that the app is requesting are necessary for its proper function.
  • If possible, create a whitelist of apps allowed on company Android devices.

 

Use Security software

Have a mobile security app installed and kept up to date in all company Android devices.

 

Backup all important data

Additionally, it is important to have a functional backup of all important data from each Android device. The chances are that users who take appropriate measures against ransomware will never face any request for ransom. If they were to fall victim and see their data encrypted, having a backup turns such an experience into nothing more than a nuisance.

What if my company Android device has already been infected?

 

If your device or your employee’s device gets infected by ransomware, you have several options for its removal.

  1. Boot in safe mode

For the simplest lock-screen ransomware families, booting the device into safe mode will do the trick and the user can easily uninstall the malicious application.

  1. Revoke administrator privileges for malware

In the event that the application has been granted Device Administrator privileges these must first be revoked from the settings menu before the app can be uninstalled.

 

  1. Reset password via Mobile Device Manager

If ransomware with Device Administrator rights has locked the device using android built in PIN or password screen lock functionality, the situation gets more complicated. It should be possible to reset the lock using Google’s Android Device Manager or an alternative MDM solution.

 

  1. Contact technical support

 

  1. Factory Reset

A factory reset, which will delete all data on the device, can be used as the last resort in case none of the previous solutions are available.