Ransomware Gone Mobile: How Businesses Can Stay Safe

Hackers and cybercriminals are constantly evolving – trying new tactics, ditching the ones that no longer work, and emphasizing the ones that are getting the best results. And in 2020, ransomware is the most lucrative option they have available at their disposal. But it might not be the type of ransomware you typically think of.

Mobile Ransomware – How to Protect Your Business

Ransomware Definition

Ransomware is often deployed in complex ways, but it’s actually fairly simple in nature. The basic idea behind ransomware – which is basically a form of malicious software – is this: Lock and encrypt the user’s computer/device and demand a ransom in order to restore access.

 

Ransomware is a massive illegal money-making scheme that hackers use with great success. And much like real-world ransom situations where the kidnapper threatens to kill the hostage, hackers often threaten to permanently revoke access if payment isn’t made within their suggested timeframe.

 

The trouble – or one of the troubles, we should say – is that paying the ransom doesn’t always ensure access will be restored. Hackers are anonymous and generally hard to track down, so there’s little stopping a ransomware attacker from continuing to extort a victim for money.

 

In other words, the best rule of thumb is to avoid a ransomware attack in the first place. Because once you’ve been compromised, you’re at the mercy of the hacker.

 

Ransomware comes in an assortment of types and flavors, including:

1. Crypto malware

This ransomware is costly, damaging, and frustrating. It goes in and encrypts key folders, files, and drives. If you don’t pay up, the hacker continues to lock you out. For businesses, this means paying or being without key business assets and revenue drivers.

2. Scareware

This is one of the simplest forms of ransomware. In fact, you’ve probably been exposed to this type on more than one occasion. It often comes in the form of a fake popup that says your computer is infected and needs an antivirus solution. Sometimes the trick is to get the user to buy the fake product. Other times, the trick is to get the user to download a piece of ransomware so that more money can be extracted.

3. Dxoware

This type of ransomware threatens to publish sensitive information online if the price isn’t paid. For businesses, this can be costly on many fronts. Not only can it be used to release intellectual property, but it can also hurt the company’s reputation and attract lawsuits, should consumer data be published.

4. RaaS

Otherwise referred to as “Ransomware as a Service,” RaaS ransomware is hosted anonymously and requires you to purchase software in order to restore access to the data.

In 2019 alone, it’s estimated that ransomware attacks in the United States cost businesses and individuals a whopping $7.5 billion. Among those who experienced attacks were 113 governments and agencies, 764 healthcare providers, 1,233 schools, two American cities (New Orleans and Baltimore), and many thousands of enterprises and small businesses.

Ransomware Gone Mobile

Almost all recent ransomware attacks occurred on computers. But with the growth of mobile devices in the workplace, ransomware has shifted its focus and is now keyed in on mobile devices like smartphones and tablets.

 

Over the past few years, millions of devices have been hit by attacks like ScarePakage, Android.Locker.38.origin, Worm.Koler, Black Rose Lucy, Cryptolocker, and more.

 

While most mobile ransomware attacks center on individuals, the growth of BYOD movements at an enterprise level means businesses have to worry about this threat as well. A failure to do so could lead to serious consequences.

Preventing Mobile Ransomware Attacks

The danger of mobile ransomware attacks – or any ransomware attacks, for that matter – is multifaceted. The most direct cost is the ransom payment. (For perspective, the average ransom payment was $41,198 in Q3 of 2019.) But it’s all of the indirect and ongoing costs that ultimately doom a business. This includes downtime, reputation loss, liability, data loss, and collateral damage.

 

If you want to protect your business, you need to prevent mobile ransomware in the first place. Here are some timely suggestions:

  • Stay informed. Ransomware is anything but static. New attacks, methods, and software are being developed on a daily basis. It’s imperative that you stay informed so that you know how to best protect your business, employees, and devices.

 

  • Enforce a BYOD security policy. It’s not enough to have a BYOD policy. You have to actually enforce it. A failure to do so means employees won’t take you seriously and will continue to violate rules that are meant to protect them and their devices. In other words, put your money where your mouth is!

 

  • Install security patches. Ransomware typically makes its way onto a device via a download. Sometimes these downloads occur by visiting compromised websites. You can avoid them by installing and updating the latest security patches.

 

  • Back up all files. By backing up your files in a third-party cloud that’s unconnected to the rest of your business, you can reduce the cost and risk of ransomware.

 

  • Use the right mobile security solution. Finally, make sure you’re using comprehensive security solutions that are specifically designed to provide protection against mobile ransomware attacks (among other threats).

 

There’s no singular method for preventing ransomware attacks. It requires a concerted effort on all fronts. But if you focus on these suggestions, you’ll significantly diminish your chances of being compromised.

Check Point Mobile Security

Mobile attacks more than doubled in 2019. But with SandBlast Mobile – the market-leading mobile threat defense solution – you can protect your sensitive data and keep your organization safe.

 

With SandBlast Mobile, you get advanced threat protection against ransomware, phishing, OS exploits, Man-in-the-Middle attacks, and more. You also get full real-time visibility into risks so that you know how various threats are impacting you on the mobile front.

 

To learn more, please contact Check Point today!

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO