Pulse

By GCN Staff

Blog archive

DHS cites threats from out-of-date Android OS versions

The Homeland Security Department and FBI have warned police, fire departments and security personnel that Android users running out-of-date operating systems on their devices pose a significant security threat to their organizations, NetworkWorld reported.

In the July memo, which was “for official use only” and therefore not widely circulated, DHS said “industry reporting” showed that 44 percent of Android users were “still using versions 2.3.3. through 2.3.7 of the OS – known as “Gingerbread” – which were released in 2011 and carried a number of security flaws that were repaired in subsequent versions.

“The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile OS[es] patched and up-to-date,” the notice said.

DHS cited three threats to those carrying devices with obsolete Android OSes and outlined a mediation tactic:

SMS Trojans

Text message Trojans account for about half of the malware on older Android devices, DHS said. A common exploit sends texts to premium rate phone numbers owned by criminals and results in high charges to the user. Security suites are now available to knock out the threat, according to the memo.

Rootkits

This is hidden malware that logs a user’s locations, keystrokes or passwords without the user’s knowledge. DHS recommended installing the Carrier IQ test free app that can find and remove the malware.

Fake Google Play domains

Users should install and update antivirus software to knock out these exploits, which trap users into installing apps that let hackers get at financial data and log-in credentials, DHS warned.

Posted by GCN Staff on Nov 06, 2013 at 11:23 AM


Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.