New research from Lookout reveals the most common mobile threats aimed at federal, state, and local government agencies and their employees—all of which have increased since 2021.
The U.S. government threat report, released this morning and titled "Rise in Mobile Phishing Credential Theft Targeting Public Sector," includes these key findings:
- Nearly 50% of state and local government employees are running outdated Android operating systems, exposing them to hundreds of device vulnerabilities.
- One in eight government employees were exposed to phishing threats.
- Almost 50% of all phishing attacks in 2021 sought to steal credentials of government personnel, up from 30% in 2020.
- Federal, state, and local governments increased their reliance on unmanaged mobile devices at a rate of 55% from 2020 to 2021, indicating a move toward bring your own device (BYOD) to support telework.
The report from Lookout, an endpoint to cloud security company, used the Lookout Security Graph to analyze data specific to government agencies at all levels. Telemetry data from more than 200 million devices and 175 million apps was analyzed to determine which mobile threats agencies most often face.
Some other revelations in the report:
- With hybrid, teleworking, and work-from-home environments becoming common, personal mobile devices used for work are at more risk than ever of becoming phishing campaign targets. The number of unmanaged devices—tablets, smart phones, and laptops—required BYOD policies be updated, but "personal mobile devices represent the new frontier of shadow IT."
- Mobile phishing attacks come in two varieties: credential harvesting and malware delivery. The first tricks victims into revealing their login credentials to bad actors; the latter dupes employees into installing malicious apps to devices, including new spyware such as Predator and Alien.
- Awareness and training campaigns that help employees identify and report phishing campaigns are helping to thwart hacks. Providing security tips and alerting employees to how cyber attackers operate (including citing actual attack cases) are putting a dent in the actions of cybercriminals.
- State and local employees are generally more at risk to app threats than federal workers. Why? Federal workers have more restrictions on BYOD devices.
Per a release about the report: "Government organizations store and transmit a variety of sensitive data, the security of which is essential to the wellbeing of hundreds of millions of people. In the case of government organizations, the potential fallout from a breach that results in leaked data, stolen credentials or a forced halt to operations due to ransomware can have a disproportionate impact compared to a typical cybersecurity incident."
You can view the full report here.