Outdated Android and iOS phones could put US government workers at risk of attack

Many government workers are using ancient phones, experts warn

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Many individuals working across US government agencies and organizations are usingsmartphoneswith outdatedoperating systems, putting both them and the organizations they work for at major risk ofidentity theft, data leaks, and other forms of cybercrime.

A report from cybersecurity experts Lookout analyzing some 200 million devices and 175 million application, between 2021 and H2 2022 found US government workers are rather slow when it comes to mobile phone updates.

In fact, ten months after iOS 15 was released, 5% of federal government employees, and almost a third (30%) of state and local government devices, were still running older versions of the operating system.

Security risks

But iOS is a closed ecosystem in whichApplebuilds and pushes updates to all iOS-powered devices - whereas Android is much more decentralized and thus, riskier.

WhenGooglereleases a new update, it first needs to be adopted and tweaked by device manufacturers (for exampleSamsung,LG, Asus, OnePlus, and even Google itself) before being pushed to their respectiveendpoints.

That makes Android updates significantly slower to roll out compared to iOS. As a matter of fact, ten months after releasing Android 12 (which was the latest version at the time of the analysis), 30% of federal devices, and almost 50% of state and local government devices, were still sporting older versions.

Millions at risk as old operating systems still power 1/10th of Android devices>Android 11 still isn’t on as many phones as Android 10>These are the best Android antivirus apps so far

Running outdated versions of the operating system is a major cybersecurity risk, because older versions have known vulnerabilities that cybercriminals can easily exploit to bypass mobile antivirus solutions and deliver all kinds of nastymalware.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

At one point, older versions reach end of life and stop receiving support through security updates. In other words, if a vulnerability is found after end of life, it will stay unpatched, giving threat actors an easy way into the devices.

Google, for example, no longer supports Android 8 and 9, which are still being used by 10.7% of federal government employees, and 17.7% of state and logal government employees. According toBleepingComputer, these two versions have two thousand known vulnerabilities that will never be fixed.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

TP-Link Archer BE3600 Wi-Fi 7 Router review

Ulefone Armor Pad 3 Pro rugged tablet review

Apple iMac 24-inch M4 (2024) review: the best, and most colorful, all-in-one computer levels up