Cybersecurity: mobile ransomware, a new treath

Mobile ransomware

It’s becoming easier and easier to understand cybersecurity’s importance (as you can see from the CyberSecurity expense growth), as two weeks ago WannaCry hack demonstrated. Hacks’ data are alarming and an emblematic example is the Italian hack. Mobile ransomware attacks, just in the first 2017 quarter, increased by 253% according to a recent Kaspersky Lab report.

This report shows how in the first months of the year ransomware files are three and a half times more compared to the ones of the previous quarter. This ransomware’s family (Congur) is able to set/reset device’s passcode and give attackers access to data. It is also responsible of more than 86% of these mobile attacks. The report highlights how some of Congur’s variants are even more dangerous. Using administration rights, they install their module into the system folder where it’s almost impossible to remove.

Modifications are growing

Mobile’s most common ransomware is the Trojan-Ransom.AndroidOS.Fusob.h according to Kaspersky Lab and once run and obtained administrator privileges, it collects all the information about the device and upload it to a malicious server. Then it comes to the hacker that views the data to send back or not a request to block the device.

According to Roman Unuchek (senior malware analyst at Kaspersky Lab) cybersecurity is becoming more and more important: “The mobile threat landscape for ransomware was far from calm in Q1” – and continues – “Ransomware targeting mobile devices soared, with new ransomware families and modifications continuing to proliferate. People need to keep in mind that attackers can – and increasingly will – try to block access to their data not only on a PC but also on their mobile device.

Cryptor’s families are growing and this is one of the most worrisome element to consider. Researchers found 11 new families and more than 55.000 new modifications just in Q1. A vulnerability assessment in addition to diversification is now necessary as ransomwares are targeting all devices, systems and networks.

This threat’s width is huge; according to the report, the US is the country that’s been hit harder, followed by Uzbekistan, Canada, Kazakhstan, and Italy. Svpeng ransomware is the most infamous danger; it allows attackers to demand from $100 to $500 to unlock infected devices.

Overall, Kaspersky Lab detected 479,528,279 malicious attacks from online resources, located in 190 countries worldwide.

Improving our cybersecurity:

There are a few tips that could use to prevent an attack of a mobile ransomware:

  1. Use cybersecurity solutions, and make sure they keep all software up to date.
  2. Regularly run a system scan to check for possible infection. Swascan, with its vulnerability and network assessments, and its source code review assures you the maximum protection available in order to avoid attacks of any kind.
  3. Be wise while online. Do not send personal information unless you are 100% of website’s reliability.
  4. Constantly back up valuable information.

Protect yourself!

In order to assure to your business the best tool available, Swascan developed a special cybersecurity platform. It is completely in Cloud, Pay per Use and SaaS. You can see for yourself in our brochure: Cybersecurity platform and have an in-depth look at our services. Our three services cover all the governance needs in terms of risk management and periodic assessment. Basically, if you need to understand the areas in which your efforts must focus, Vulnerability Assessment, Network Scan and Code Review are the right tools for you. Last but not least, don’t forget GDPR: our platform is 100% GDPR compliant ( GDPR infographic ).

Ransomware attacks causes cyber security stocks to rise
Cybersecurity guide: looking for protection

Cyber Incident Swascan Emergency

Contact us for immediate support

The undersigned, as data subject, DECLARES that I have read and understood the content of the privacy policy pursuant to Article 13, GDPR. AGREE to the processing of data in relation to the sending by the Data Controller of commercial and / or promotional communications relating to (i) own products / services, or (ii) products / services offered by third parties.
The consent given may be revoked at any time by contacting the Data Controller at the addresses provided in the aforementioned privacy policy.