Report: Nearly 50% of phishing attacks in 2021 aimed at government employees were attempted credential theft

According to Lookout’s 2022 Government Threat Report, mobile phishing and device vulnerability risk within U.S. government agencies (federal, state and local) is on the rise. In fact, almost 50% of all phishing attacks aimed at government personnel in 2021 sought to steal employees’ credentials, up from 30% in 2020.

In addition to the increase in phishing attacks on government employees, the report’s findings include:

  • Federal, state, and local governments increased their reliance on unmanaged mobile devices at a rate of 55% from 2020 to 2021, indicating a move toward BYOD to support a larger remote workforce.
  • One in eight government employees was exposed to phishing threats. With more than two million federal government employees alone, this represents a significant potential attack surface, as it takes only one successful phishing attempt to compromise an entire agency.
  • There was a steady rise in mobile phishing encounter rates for state and local governments across both managed and unmanaged devices, increasing at rates of 48% and 25% respectively from 2020 to 2021. This steady climb continued through the first half of 2022.
  • Threat actors are gaining in sophistication, with 16% of phishing attacks also attempting to deliver malware.
  • Nearly 50% of state and local government employees are running outdated Android operating systems, exposing them to hundreds of device vulnerabilities. However, this is an improvement over 99% in 2021.

Phishing attacks on government are especially impactful

Government organizations store and transmit a variety of sensitive data, the security of which is essential to the wellbeing of hundreds of millions of people. A breach of a government agency that results in leaked data, stolen credentials or a forced halt to operations due to ransomware can have a disproportionate impact compared to a typical cybersecurity incident.

Additionally, government employees use iOS, Android and ChromeOS devices every day to stay productive and increase efficiency. This makes them targets for cyberattackers as their devices are a treasure trove of data and a gateway to government infrastructure. Because of the personal nature of smartphones, tablets and Chromebooks, endpoint security must protect the user, the device and the organization while respecting user privacy.


[Figure: Credential harvesting and malware delivery. Image source: Lookout]

“It’s more important than ever for government agencies to keep pace with the evolution of the cyber threat environment,” said Tony D’Angelo, vice president, Americas Public Sector, Lookout. “Regardless of whether devices are managed, protecting these modern endpoints requires a different approach — one that is built from the ground up for mobile. Only a modern endpoint protection solution can detect mobile threats in apps, device operating systems, and network connections while also protecting against phishing attacks that steal credentials and deliver malware.”


The Lookout Government Threat Report is based on analysis of data specific to federal, state, and local government organizations from the Lookout Security Graph. The graph, which includes telemetry data from analysis of more than 205 million devices and more than 175 million apps, enabled Lookout to identify and break down the most prominent mobile threats agencies faced in 2021 and the first half of 2022. Information used in this report was compiled from de-identified, aggregated Lookout data.

Read the full report from Lookout.

Originally appeared on: TheSpuzz