US states and local government. Employees threaten their cyber security by using outdated Android devices

News Summary:

  • Nearly half of Android-based cell phones used by employees of U.S. states and local governments are running outdated versions of the operating system, according to a revealing report.

  • The slow adoption of new operating systems means millions of government devices are vulnerable to cyber-attacks.

Researchers from cyber security firm Lookout analyzed 200 million devices and 175 million applications from 2021 through the second half of 2022. They found troubling statistics that mean millions of government devices are exposed to vulnerabilities that can be used for attacks.

10.7% of federal government and another 17.7% of state and local government devices were running on Android 8 and 9, which were still unsupported in November 2021 and March 2022, respectively.

Lookout reports that 30% of federal government devices and nearly 50% of state and local government devices had not upgraded to Android 12 10 months after its release.

Lookout noted that there were 1,332 vulnerabilities in Android 8 that attackers could exploit, compared to 423 in Android 12. Because older operating systems are not supported, these are vulnerabilities that Google or Apple will not fix, and as time passes, the number of vulnerabilities will only increase.

However, government employees’ patchy adoption of new operating systems is not limited to Android users. The report highlights how 10 months after the launch of iOS 15, 5% of federal government employees and 30% of state and local government devices were still using older OS versions.

The report comes when the FBI warns(Opens in a new window) that cyber actors are likely to “continue or increase their targeting of U.S. election officials” with phishing campaigns ahead of the midterm elections.

Translated with (free version)