Ransomware is a type of malware that aims to deny access to computing devices and the data they contain until some form of a ransom has been paid. While many forms of ransomware encrypt data on devices to prevent access, there are also forms that merely lock devices. Dogspectus, which was discovered in April 2016 by Blue Coat Labs, is an example of the second type. It infects devices without requiring any form of user interaction, rendering the device inaccessible within 10 seconds by taking advantage of several vulnerabilities in older versions of Android. The Dogspectus ransomware then displays a demand for the user to pay a ransom in the form of two $100 Apple iTunes gift cards in order for the device to be unlocked.
Although the researchers who discovered this malware have found a workaround by performing a factory reset and have even been able to recover the contents of a device, the average user would be more likely to lose the data stored on the device, which could be sensitive corporate information.
Ransomware is a growing problem and one that IT departments should be worried about. In order to protect company data from risks like these, IT personnel should ensure that they are keeping up with the latest threats as they are discovered, and every organization should regularly conduct employee awareness training about the need for all employees to back up precious information stored on devices. This type of training should be given to everyone related to the organization, including executives.
Organizations should also consider updating their policies in light of this new threat, which shows the risks of using older devices without the latest security platforms and patches. This particular piece of malware infects devices with operating systems released prior to November 2014. It is critical that employees who access enterprise data do so only on newer devices, and that security updates are regularly provided and implemented. Security platforms such as Samsung Knox, which is available on the latest Galaxy smartphones and tablets, help protect against Dogspectus and similar malware through multiple layers of security built into their hardware and software. They can also help address issues of lost or breached devices through containerization, in which personal and work information are held in separate containers on the same device.
The risks of using older versions of operating systems such as Windows XP, for which security updates and support are no longer provided, are well known. Now it seems the same can be said of older versions of mobile operating systems.
Samsung Knox provides businesses with the enhanced mobile security they need to keep their data safe. Learn how Knox can provide defense-grade security for your employees here