Lookout Inc., provider of mobile security solutions, released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.

Key findings include:

  • 99% of U.S. government Android users are exposed to hundreds of vulnerabilities due to outdated operating systems.
  • App threats surged by nearly 20 times across all levels of government as the cybersecurity community recategorized the risks surrounding embedded adware.
  • 1 in 15 government employees were exposed to phishing threats. With over two million federal government employees alone, this represents a significant potential attack surface because it only takes one successful phishing attempt to compromise an entire agency.
  • Over 70% of phishing attacks against government organizations sought to steal login credentials, which is a 67% increase from 2019.
  • Nearly one quarter of state and local government employees use personal unmanaged devices, outpacing the nearly 9% in the federal government.

Mobile devices provide the same access to sensitive data as desktop and laptop computers, but very often they do not have endpoint security installed. Comprehensive mobile security is critical to defend these devices from cyberattacks and must be part of all government cybersecurity strategies. Mobile endpoint security should be paired with education and awareness training for employees.

“In the telework era, mobile devices are a primary tool for productivity, but U.S. adversaries recognize our reliance on these devices and exploit their vulnerabilities,” said Bob Stevens, VP of Americas at Lookout. “When mobile devices are compromised, they enable bad actors to enter the room and access confidential conversations and sensitive government data. An app-, network-and device-based approach to mobile security is imperative for all government agencies and departments.”

The findings are sourced from the Lookout Security Graph, which contains behavioral analysis of telemetry data from nearly 200 million mobile devices, 135 million apps and continuously analyzes over four million URLs every day.

To learn about mobile threats affecting your organization, download the U.S. Government Threat Report today.