DHS Test Finds Flaws in 32 Out of 33 Emergency Responder Apps

The Department of Homeland Security revealed this week that its pilot test of mobile apps relied upon by emergency responders found security and/or privacy vulnerabilities in 32 of the 33 apps tested. The apps were selected from among the most popular apps offered through AppComm, which is DHS’ directory of public safety apps. Eighteen of the flaws found were said to be “critical” in nature.

“This pilot project illustrates the efficacy, benefits and value an ongoing app-testing program will provide to the public-safety community and the nation,” said Vincent Sritapan, S&T’s Program Manager for Mobile Security Research and Development. “During the testing phase, numerous cyber vulnerabilities were identified and remediated. This model can be used to ensure all apps used by the public-safety professionals are secured against cyberattacks and other security and privacy weaknesses.”

Pilot project leaders worked with each app developer to remediate identified vulnerabilities. So far, ten developers successfully remediated their apps, and as a result of the pilot project, the security and privacy concerns of 14 mobile apps were addressed.

Most developers who fixed their app’s vulnerability(ies) reported investing approximately one hour on remediation. Remediation steps included removing old or unused code, enabling built-in security provided by the operating system, and ensuring the functionality requested is necessary for operations.

“As more apps are adopted for public-safety missions, it is critical that a formal, ongoing app-evaluation process with incentives for developer participation be adopted to ensure current and new mobile apps are free of vulnerabilities,” said John Merrill, Director of the S&T FRG Next Generation First Responder Apex program.

 

 

Posted in General News

Tags: DHS

Print Email

This Week on FEDtalk

It’s (almost) National Park Week!

Tune in next week to hear from the National Parks Service (NPS) about all the activities going on around the country for National Park Week April 21-29, including Junior Ranger Day and Park Prescription Day.

Read more ...

Hear it from FLEOA

An Update on the OPM Cyber Breach

In the wake of the most recent data breach of Equifax, FLEOA has provided an update on the June 2015 Office of Personnel Management (OPM) data breach to include claims, lawsuits and legislation.

Read more ...
FEDagent

FEDagent.com

The free weekly e-report for Federal Law Enforcement

Get in touch with us

Email FEDagent publisher

Copyright 2018 FEDagent.com
Hosted by Peak Media Company, LLC