Android has always given IT security managers the shivers because it is such an open operating system. Now there’s another reason: The discovery of ransomware that encrypts user data.
The discovery was made by security vendor Eset, who calls it Android/Simplocker. The good news is the ransom demand is made in Russian, with payment demanded in Ukrainian currency. The bad news is there will likely be an English version shortly.
Typically ransomware locks a phone; this is a step above.
Unfortunately, staff at many organizations bring Android devices into the enterprise, forcing a number to move to open mobile policies (also known as BYOD).
One solution is to only allow staff to use secure devices from BlackBerry and Apple. Another is to enforce rules that if Android devices are to be allowed, only applications from Google Play can be downloaded. A third is to look for containerization solutions that separate corporate from personal data on Android devices, although it isn’t clear that will solve the problem.
Note that ransomware comes in many forms. Last week Cisco Systems Inc. noted the increased use of the RIG exploit kit in tampered adverting on popular Web sites (including, reportedly, Disney) which takes advantage of devices on any platform with unpatched versions of Microsoft Silverlight, Adobe Flash and Java.
“Regularly updated and patched machines which do not have rich media platforms such as Flash and Silverlight enabled remain relatively immune from these kinds of attacks,” say Cisco researchers.