Published on November 11, 2023, 10:38 am
Image source: Fox News
TLDR: A recent investigation by the Department of Homeland Security's Office of the Inspector General found that U.S. Immigration and Customs Enforcement (ICE) has potential mobile security risks due to unauthorized apps on its employees' devices. The report highlighted concerns about espionage, leaks, and hacking, but ICE disputed the allegations and stated that there is no evidence of nefarious activity or data breaches. The agency claims to have implemented multiple layers of security controls but acknowledges the need for further improvement in oversight practices.
A recent investigation by the Department of Homeland Security’s Office of the Inspector General has received a response from U.S. Immigration and Customs Enforcement (ICE) regarding concerns about potential mobile security risks. The probe found that ICE’s mobile device security practices may be compromising government information.
According to a report by The Register, the inspector general’s report, released on October 30, identified “urgent issues” with how ICE manages nearly 10,000 mobile devices used by its employees and contractors. Auditors discovered thousands of unauthorized applications on these devices, including messaging apps, file-sharing services, and apps associated with foreign adversaries such as China and Russia.
Inspectors concluded that these unauthorized apps could gather sensitive ICE information and potentially transmit it outside the agency’s secure containers. The report emphasized that the lack of oversight for personally downloaded apps introduced significant risk of espionage, leaks, and hacking.
In response to these findings, ICE swiftly disputed the allegations made in the report. The agency stated that there is no evidence of nefarious activity or data breaches resulting from the unauthorized apps. An ICE spokesperson explained that the organization has implemented multiple layers of security controls to protect its mobile devices, including mobile device management software, secured containers on all devices, and continuous monitoring of app behavior. According to an agency representative, ICE maintained visibility over third-party application actions and behavior on their devices at all times.
Inspectors acknowledged some progress in addressing vulnerabilities but highlighted that risks persist until ICE fully addresses oversight deficiencies related to user-installed apps.
The investigation focused on a sample of 250 mobile devices issued by ICE during a four-month period from April to August 2022. Auditors found that over 180 devices were not properly configured with required security controls.
The release of this report coincides with growing concerns about espionage activities and efforts to ban apps associated with foreign adversaries like China. Recently, the use of TikTok—an app owned by Chinese company ByteDance—was banned on government devices due to concerns about data privacy and national security.
ICE confirmed that it took prompt action following the investigation, disabling prohibited apps and strengthening its mobile device management. However, inspectors underscored the need for additional measures to mitigate risks associated with unauthorized apps on ICE devices.
In conclusion, ICE has responded to a probe by pushing back against findings suggesting mobile security risks within the agency. While the inspector general’s report identified vulnerabilities related to unauthorized apps on ICE-issued devices, the agency denies any evidence of malicious activity or data breaches resulting from these apps. The organization maintains that it has robust security controls in place but acknowledges the need for further improvement in oversight practices.
Original article posted by Fox News
