February 24, 2021

Telework Exposes US Government Employees to Increasing Credential-theft Mobile Attacks

New Lookout Threat Report: 70% of government-focused mobile phishing attacks sought to steal credentials in 2020.

San Francisco, CA – February 24, 2021 – Lookout Inc., the leader in mobile security, today released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.

Key findings include:

99 percent of U.S. government Android users are exposed to hundreds of vulnerabilities due to outdated operating systems. 

  • App threats surged by nearly 20 times across all levels of government as the cybersecurity community recategorized the risks surrounding embedded adware.
  • 1 in 15 government employees were exposed to phishing threats. With over two million federal government employees alone, this represents a significant potential attack surface because it only takes one successful phishing attempt to compromise an entire agency. 
  • Over 70 percent of phishing attacks against government organizations sought to steal login credentials, which is a 67 percent increase from 2019.
  • Nearly one quarter of state and local government employees use personal unmanaged devices, outpacing the nearly 9 percent in the federal government.

Mobile devices provide the same access to sensitive data as desktop and laptop computers, but very often they do not have endpoint security installed. Comprehensive mobile security is critical to defend these devices from cyberattacks and must be part of all government cybersecurity strategies. Mobile endpoint security should be paired with education and awareness training for employees. 

“In the telework era, Android, iOS and Chrome OS devices are now primary tools for productivity, but U.S. adversaries recognize our reliance on them and exploit their vulnerabilities,” said Bob Stevens, VP of Americas at Lookout. “When these devices are compromised, they enable bad actors to enter the room and access confidential conversations and sensitive government data. An app-, network- and device-based approach to mobile security is imperative for all government agencies and departments.”

The findings are sourced from the Lookout Security Graph, which contains behavioral analysis of telemetry data from nearly 200 million mobile devices, 135 million apps and continuously analyzes over four million URLs every day.

To learn about mobile threats affecting your organization, download the U.S. Government Threat Report today.

Additional Resources

- Learn more about how to secure your government organization.

- Sign up for a free 90-day trial.

- Follow Lookout on its blog, LinkedIn and Twitter.

About Lookout

Lookout is a leading cybersecurity company. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by millions of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit www.lookout.com and follow Lookout on its blog, LinkedIn, and Twitter.

Contact Lookout PR: press@lookout.com

Lookout press kit and media resources

Get the resources call_made