Skip to main content

Google Explains How It Protects Android Users From Ransomware

Ransomware became something of a hot topic in 2016. The particularly nasty form of malware uses encryption to lock you out of your devices--or at least make you think you can't access them--and last year it entered the realm of public consciousness faster than Madonna did back in the '80s. Google has taken steps to protect Android devices from ransomware, and the company explained some of those precautions in a new blog post.

This post, much like the Year in Review the company published earlier this month, was written for a wide audience. That accomplishes two things: It helps combat the public perception that Android is a playground for hackers, and it makes you more aware of how companies like Google defend against ransomware. The first achievement is questionable--Android is historically less secure than iOS--but the second is important to note.

First there are the protections themselves. Google listed in its blog post the following improvements made to Android N:

Safety blinders: Apps can no longer see which other apps are active. That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.Even stronger locks: If you set a lockscreen PIN prior to installing ransomware, ransomware can’t misuse your device’s permissions to change your PIN and lock you out.Whacking clickjacking: “Clickjacking” tricks people into clicking something, often by obscuring permission dialogs behind other windows. You’re now protected from ransomware attacks that use this tactic to sneakily gain control of a device.

Those features complement other safeguards, such as Verify Apps, which Google described as a security system that "analyzes apps before they are installed and then regularly checks more than 400 million devices and 6 billion apps everyday" for potentially malicious software. Android N also features improved sandboxing--which restricts the information apps can access--and defenses borrowed from the Linux kernel.

Android still plays host to malware. That's partly because many Android devices aren't updated with security patches, often due to manufacturers and carriers neglecting to distribute Google's updates to older products, and partly because Android is a pretty attractive target. It's used by more people than is iOS, and it's also used in more devices, from smartphones and tablets to Internet of Things products like refrigerators and coffee makers.

It's important for everyone to understand their preferred device's vulnerabilities and how they're mitigated. Ransomware is a growing threat, and even though it can't be held responsible for what manufacturers and carriers do with Android, it's clear that Google wants to provide a secure foundation upon which those other companies can build. Behind-the scenes fixes are great; easily understood explanations of those features are, too.

Google also provided some information about how to mitigate threats yourself. Most of it should be familiar--don't install shady apps from unknown sources, back up your data so you don't have to worry about losing access to it, etc.--but the bit about how to respond if your Android device is hit with ransomware could help if you're frantically searching (really, Googling) for how to regain access while preserving as much data as possible.