Write a response to the post, use your own words around 150 words

--

What will it take for mobile apps and systems to have better security?

Most of the consumers are using mobiles and systems to store their data, more and more valuable data are being stored on these devices, which leads to the fact that all of us carry those devices around. Android ransom ware is becoming ever more worthwhile for attackers to attack mobile and systems. Both on windows and on Android, lock screen are now a days usually of police ransom ware kind, trying to scare the victims into paying up after accusing them of harvesting illegal content on their devices. Likewise, as with the infamous Windows Crypto locker ransom ware family, crypto ransom ware on Android started using strong cryptography, which meant that affected users, had no practical way of regaining the hijacked files. And because everyday data, such as photos, for example, are now kept on smart phones rather than PCs by so many people, the threat of losing this data is now greater than ever. As far as ransom ware on Android is concerned, we have several variants where the code for decrypting files or uninstalling the lock screen was missing altogether, so paying for decrypting files on the mobile to the attacker would not have solved anything. At the level of a single user or a business being a victim of crypto ransom ware and facing a loss of data, it boils down to a question of trust. Can the cybercriminals be trusted to keep their end of the bargain and decrypt the files after the ransom has been paid? Obviously, there are no guarantees. And even if the files are decrypted, there is nothing stopping attackers from coming back for more. Taking the wider view of the whole ransom ware economy, giving in to attackers demands only fuels the problem. As mentioned above, prevention by adhering to basic security principles, using updated security software on Android, and backing up your data is much more sensible option. And with all of those precautions being readily available and easy to use, there really is no reason not to do so. For users of Android devices its important to be aware of ransom ware threats and to take preventive measures. Among the most important active measure to take are avoiding unofficial app stores and having a mobile security app installed and kept up to date. Additionally, it is important to have a functional backup of all of important data from device.

What are 3 steps can IT department and Consumers take to avoid being bitten by mobile app ransom ware? Which of these is likely to be the most successful?

Back Up your data: The single biggest thing that will defeat ransom ware is having a regularly updated backup. If you are attacked with ransom ware you may lose that document you started earlier this morning, but if you restore your system to an earlier snapshot or clean up your machine and restore your lost documents from backup, you can rest easy. Remember that Cryptolocker will also encrypt files on drives that are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file store that you have assigned a drive letter. So, what you need is a regular backup regimen, to an external drive or backup service, one that is not assigned a drive letter or is disconnected when it is not doing backup.

Patch or update your software: Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. It can significantly decrease the potential for ransom ware pain if you make a practice of updating your software often. Some vendors release security updates on a regular basis, but there are often out of band or unscheduled updates in case of emergency. Enable automatic updates if you can, or go directly to the software vendors website, as malware authors like to disguise their creations as software update notifications too.

Reputable security suite: It is always a good idea to have both anti malware software and a software firewall to help you identify threats or suspicious behavior. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have both layers of protection. And at this point, most malware relies on remote instructions to carry out their misdeeds. If you run across a ransom ware variant that is so new that it gets past anti malware software, it may still be caught by a firewall when it attempts to connect with its Command and Control (C&C) server to receive instructions for encrypting your files.

Among these 3 mentioned steps, backup method for our data is likely to be successful because it is simple and easy to implement.