February 23, 2021

Telework Exposes US Government Employees to Increasing Credential-Theft Mobile Attacks

San Francisco, CA – February 24, 2021 – Lookout Inc., the leader in mobile security, today released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.

Key findings include

99 percent of U.S. government Android users are exposed to hundreds of vulnerabilities due to outdated operating systems.

  • App threats surged by nearly 20 times across all levels of government as the cybersecurity community recategorized the risks surrounding embedded adware.
  • 1 in 15 government employees were exposed to phishing threats. With over two million federal government employees alone, this represents a significant potential attack surface because it only takes one successful phishing attempt to compromise an entire agency.
  • Over 70 percent of phishing attacks against government organizations sought to steal login credentials, which is a 67 percent increase from 2019.
  • Nearly one quarter of state and local government employees use personal unmanaged devices, outpacing the nearly 9 percent in the federal government.

Mobile devices provide the same access to sensitive data as desktop and laptop computers, but very often they do not have endpoint security installed. Comprehensive mobile security is critical to defend these devices from cyberattacks and must be part of all government cybersecurity strategies. Mobile endpoint security should be paired with education and awareness training for employees.

“In the telework era, Android, iOS and Chrome OS devices are now primary tools for productivity, but U.S. adversaries recognize our reliance on them and exploit their vulnerabilities,” said Bob Stevens, VP of Americas at Lookout. “When these devices are compromised, they enable bad actors to enter the room and access confidential conversations and sensitive government data. An app-, network- and device-based approach to mobile security is imperative for all government agencies and departments.”

The findings are sourced from the Lookout Security Graph, which contains behavioral analysis of telemetry data from nearly 200 million mobile devices, 135 million apps and continuously analyzes over four million URLs every day.

To learn about mobile threats affecting your organization, download the U.S. Government Threat Report today.

Additional resources


Sign-up for the latest Lookout news and threat research

By subscribing you agree with our Privacy Policy
Follow on