A recent investigation by the Department of Homeland Security’s Office of Inspector General prompted reactions from U.S. Immigration and Customs Enforcement (ICE) following findings that the agency’s mobile device security practices could put government information at risk.
According to a report According to The Register, the inspector general’s report, released October 30, found “urgent issues” with ICE’s management of nearly 10,000 mobile devices used by employees and contractors. Auditors found thousands of unauthorized apps on the devices, including messaging apps, file sharing services, and apps associated with foreign adversaries like China And Russia.
Inspectors said these unauthorized applications could potentially collect, monitor and distribute sensitive ICE information outside of the agency’s secure containers. The report concluded that the lack of monitoring of personally downloaded applications introduced significant risks of spying, leaks and hacking.
ICE denied claims of app errors or data breaches
ICE quickly disputed the report’s findings, saying there was no evidence of nefarious activity or data breaches from the unauthorized apps. An agency spokesperson said ICE has implemented multi-layered security controls, including mobile device management software, secure containers on all devices and continuous monitoring of application behavior.
“At all times, ICE had visibility into the actions and behavior of third-party applications on ICE devices,” an agency representative said.
While acknowledging some progress in addressing the vulnerabilities, inspectors said risks will remain until ICE fully addresses deficiencies in its monitoring of user-installed applications.
The investigation focused on a sample of 250 mobile devices issued by ICE over a nearly four-month period between April and August 2022. Auditors found that more than 180 devices were not properly configured with security controls. security required.
The report comes amid growing concerns about espionage and efforts to ban apps linked to foreign adversaries, including China. The use of video-sharing app TikTok, owned by Chinese company ByteDance, was recently banned on government devices over data privacy and national security concerns.
ICE said that following the investigation, it took swift action to disable banned apps and strengthen management of its mobile devices. However, inspectors said additional measures are needed to mitigate the risks associated with unauthorized applications on ICE devices.
Featured image credit: Photo by Marek Levak; Pixels; THANKS!