New research from Lookout finds that mobile threats affecting Federal, state, and local governments are on the rise. Lookout, a provider of endpoint-to-cloud security, said that mobile phishing and device vulnerability risks within government agencies have increased since 2021.
According to data analyzed by the company, nearly 50 percent of phishing attacks aimed at government personnel in 2021 sought to steal credentials, up from 30 percent in 2020. Additionally, one in eight government employees were exposed to phishing threats in 2021.
Lookout argues that “with more than two million Federal government employees alone, this represents a significant potential attack surface as it only takes one successful phishing attempt to compromise an entire agency.” The report adds, “while mobile and cloud apps have helped [agencies] remain productive while employees telework, they also significantly increase the risk of successful attacks.”
The report also finds that Federal, state, and local governments increased their reliance on unmanaged mobile devices at a rate of 55 percent from 2020 to 2021, and that more than one third of state and local government (SLG) employees used their own device in 2021. Lookout says this indicates a move toward bring-your-own-device (BYOD) to support a larger remote workforce.
“While this provides employees with greater flexibility, these unmanaged devices are more frequently exposed to phishing sites than managed devices,” the report says. “This is because personal unmanaged devices connect to a broader range of websites and use a greater variety of apps.”
A rise in mobile phishing encounter rates was seen in both managed and unmanaged devices, increasing at rates of 48 percent and 25 percent, respectively, from 2020 to 2021. Lookout noted that the steady climb continued through the first half of 2022.
Looking to the Federal government specifically, Lookout saw a decrease in phishing exposure rates for Federal unmanaged devices, suggesting that agencies increased security awareness for BYOD participants. However, phishing exposure rates for Federal managed devices increased from 2020 to 2021, only to then decrease in the first half of 2022. Lookout expects that holiday-focused phishing attacks in the second half of 2022 will elevate exposure rates.
Lookout also found that nearly 50 percent of SLG Android users are running outdated operating systems (OS), exposing them to hundreds of device vulnerabilities. While this is still a concerning percentage, it is a significant improvement over the 99 percent of SLG Android users who were running an outdated OS in 2020.
In terms of how cyber attackers are using phishing attacks, malware delivery represents roughly 75 percent of all mobile phishing attacks across all industries. However, when targeting Federal and SLG entities, threat actors are increasingly interested in using phishing attacks to harvest credentials. Lookout found that in 2021, almost 50 percent of all phishing attacks sought to steal credentials.
Comparing 2021 to 2020, the proportion of credential theft attacks against Federal agencies increased at a rate of nearly 47 percent while the proportion of malware delivery decreased by 12 percent. A similar trend was seen for SLG agencies, with credential theft attacks increasing and malware decreasing gradually.
Lookout says the increase in sophisticated attacks emphasizes the need for advanced mobile phishing and malware detection. “Cybercriminals are targeting mobile devices as an entry point for executing more invasive and persistent attacks,” the report says. “All government entities need mobile security that includes endpoint detection and response capabilities to proactively hunt for these threats, which have penetrated your environment.”