Report: Nearly 50% of 2021 Federal Employee Phishing Attacks Attempted Identity Theft

Highlights:

• According to Lookout’s 2022 Government Threat Report, mobile phishing and device vulnerability risk in US federal, state, and local governments is rising. In 2021, over 50% of phishing attempts against government employees sought employee credentials, up from 30% in 2020.

According to Lookout’s 2022 Government Threat Report, mobile phishing and device vulnerability risk across the United States is increasing across federal, state, and local government organizations. Over 50% of all phishing attacks against government people in 2021 intended to obtain employee credentials, up from 30% in 2020.

In addition to the increase in phishing attacks on government employees, the report’s findings include the following:

• Between 2020 and 2021, the federal, state, and municipal governments increased their reliance on unmanaged mobile devices by 55%, signaling a shift toward Bring Your Own Device (BYOD) to serve a growing distant workforce.
• One in eight federal personnel was vulnerable to phishing attacks. With over two million federal government personnel alone, this constitutes a substantial potential attack surface, as a single successful phishing effort is sufficient to infect an entire agency.
• From 2020 to 2021, mobile phishing encounter rates for state and local governments on both managed and unmanaged devices increased by 48% and 25%, respectively. Through the first half of 2022, this steady ascent persisted.
• The complexity of threat actors is increasing, with 16% of phishing assaults seeking to deliver malware.
• Nearly 50% of state and local government employees utilize obsolete Android operating systems, leaving them vulnerable to a multitude of device vulnerabilities. Nevertheless, this is an improvement from the 99.9% in 2021.

Phishing attacks on the government are incredibly impactful

Government agencies keep and transmit a range of sensitive data, the protection of which is crucial to the welfare of hundreds of millions of people. A breach of a government institution that results in the disclosure of sensitive information, the theft of credentials, or the forced halt of activities due to ransomware can have a disproportionately impact compared to a usual cybersecurity event.

In addition, government personnel utilize iOS, Android, and ChromeOS devices daily to boost their productivity and efficiency. Their gadgets are a treasure mine of information and a gateway to government infrastructure, making them prime targets for cyber attackers. Due to the personal nature of smartphones, tablets, and Chromebooks, endpoint security must respect user privacy while protecting the individual, the device, and the company.

Tony D’Angelo, vice president of America’s Public Sector, Lookout, said, “It’s more important than ever for government agencies to keep pace with the evolution of the cyber threat environment. Regardless of whether devices are managed, protecting these modern endpoints requires a different approach — one that is built from the ground up for mobile. Only a modern endpoint protection solution can detect mobile threats in apps, device operating systems, and network connections while also protecting against phishing attacks that steal credentials and deliver malware.”

The Lookout Government Threat Report is based on a study of Lookout Security Graph data unique to federal, state, and local government institutions. The graph, comprised of telemetry data from the survey of more than 205 million devices and more than 175 million applications, allowed Lookout to identify and categorize the most significant mobile dangers faced by government agencies in 2021 and the first half of 2022. This report’s information was produced using aggregated, de-identified Lookout data.