DHS touts tech it funded to block mobile phishing
A Department of Homeland Security-funded product designed to better protect mobile-phone users from phishing is becoming available to government and private-sector clients, the department said Thursday.
DHS’s Science and Technology Directorate, which partially funded the tools made by mobile security company Lookout, hailed the product’s ability to block phishing attempts and detect malware lurking in mobile applications. The beefed-up product, Lookout Mobile Endpoint Security, is now available for Android and iOS operating systems, the department said.
Phishing offers hackers a cheap and easy foothold into a network by exploiting people’s trust in the internet. The rate at which victims are falling for phishing attacks on mobile devices has grown an average of 85 percent annually since 2011, according to a study by Lookout, which is based in San Francisco.
DHS is trying to lessen the threat to mobile users, including those in government, by investing in Lookout’s technology, which the department said inspects all outbound network connections but does not read message content.
The technology will “greatly increase the security of the federal government’s mobile systems for mission-critical activities,” S&T program manager Vincent Sritapan said in a statement.
“Simply managing a mobile device is not enough to protect sensitive government information,” Sritapan added. “The device also must have mobile endpoint security that alerts IT and security personnel to potential attacks.”
The mobile-protection technology targets another common hacking scheme in which attackers lace popular mobile apps with malware. Last year alone, security specialists removed 700,000 malicious apps from the Google Play store.
In announcing the newly available product, DHS cast malicious apps as a clear and present danger to federal IT networks.
“Vulnerabilities discovered in new devices and apps may be used by hackers as vectors to access sensitive government information and attack legacy enterprise network systems,” the department said. “[G]overnment mobile devices are an attractive avenue to attack backend systems containing data on millions of Americans and sensitive information relevant to government functions. ”
Lookout plans to add several security features to the mobile-security product, according to DHS, including greater detection of things like “man-in-the-middle” attacks.
