Page 250 - COSO Guidance Book
A ransomware case where the infected entity did not pay the ransom occurred in the city of Atlanta,
Georgia. This case is notable because the city had incurred costs of $2.6 million to recover data
encrypted by the ransomware “SamSam.”[13] The perpetrators had requested $50,000 in bitcoin to provide
codes to decrypt the affected files. SamSam also infected other entities, including health care
organizations. SamSam infections occurred all over the world, including Portugal, Australia, Israel, and
other countries.[14]
Controls to prevent malicious software from infecting your computer devices were addressed previously
in the phishing discussion.
Mobile malware — Mobile devices include devices such as laptops, tablets, smartphones, and
smartwatches. Because smartphones compose a large percentage of all types of mobile devices, this
discussion will focus on threats to smartphones. It should be noted that many of the threats and
controls relevant to smartphones can be extrapolated to many other types of mobile devices.
A global study found overwhelmingly that, in advanced economies, smartphone ownership is higher than
in emerging economies. The study also found that, in emerging economies, smartphone ownership
comprises the highest percentage of ownership of all mobile phones.[15] Another study noted that,
worldwide, over 35% of people own smartphones and over 66% own mobile devices (smartphones,
tablets, etc.).[16] This study notes there are more than 2.71 billion smartphones in the world.
Ransomware, phishing emails, and other malicious software can infect mobile devices. One type of
malware that can be installed on smartphones is spyware. However, not all spyware is malware. Many
parents use spyware to monitor their children’s use of their smartphones.
A popular spyware program is mSpy. Similar to many other spyware programs, mSpy provides the following:
1. GPS tracking
2. Reading text messages, even deleted ones
3. Viewing call history
4. Reading emails
5. Keylogging software (records keystrokes)
6. Viewing photos and videos
7. Monitoring internet activities
8. Keyword alert (use of certain words, like “drugs”)
9. Access to contacts and calendars
10. Incoming call blocking
11. Invisible mode — mSpy app can be run so smartphone user doesn’t know it’s running[17]
[13] https://www.wired.com/story/atlanta-spent-26m-recover-from-ransomware-scare/
[14] https://www.symantec.com/blogs/threat-intelligence/samsam-targeted-ransomware-attacks
[15] https://www.pewresearch.org/global/2019/02/05/smartphone-ownership-is-growing-rapidly-around-the-world-but-not-always-equally/pg_global-technology-use-2018_2019-02-05_0-01/
[16] https://www.bankmycell.com/blog/how-many-phones-are-in-the-world
[17] https://www.mspyreview.net/ mSpy provides multi-language support.
© 2020 Association of International Certified Professional Accountants. All rights reserved. 5-16