DHS Project Finds Security Vulnerabilities in First Responder Apps

DHS Project Finds Security Vulnerabilities in First Responder Apps

The DHS’s Science and Technology Directorate “Securing Mobile Applications for First Responders” report said that security flaws were discovered on 32 of the 33 popular apps tested.

A pilot project launched by the Department of Homeland Security has discovered critical flaws in 18 mobile apps used by public safety officials to respond to emergencies. The DHS’s Science and Technology Directorate “Securing Mobile Applications for First Responders” report said that security flaws were discovered on 32 of the 33 popular apps tested.

The department established the program in partnership with the Association of Public Safety Communications Officials and mobile app vetting company Kryptowire to test the cyberattacj vulnerability of apps used in the public safety sector. The Mobile Application Security project aims for continuous validation and threat protection for mobile apps and the security integration throughout the lifecycle of these apps.

For their study, participants selected 33 popular iOS and Android apps and tested each app’s security, privacy, and information and device access. Potential security and privacy concerns, such as access to the device camera, contacts or SMS messages, were discovered in 32 of the 33 apps, DHS said. “Critical flaws” were found in 18 of the apps.

Pilot project leaders worked with each app developer to fix the identified vulnerabilities in 14 mobile apps. According to DHS, most developers reported spending about one hour remedying their app’s vulnerabilities, with solutions including the removal of old or unused code, the enabling of built-in security provided by the operating system, and confirmation that the functionality requested is necessary for operations.

Project leaders stressed the usefulness of an ongoing app-testing program for the public safety community and the public at large.

“As more apps are adopted for public-safety missions, it is critical that a formal, ongoing app-evaluation process with incentives for developer participation be adopted to ensure current and new mobile apps are free of vulnerabilities,” said John Merrill, Director of the S&T FRG Next Generation First Responder Apex program.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • From the Most Visible to the Less Apparent

    The Cybersecurity and Infrastructure Security Agency (CISA) states “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, and national public health or safety or any combination thereof.” Read Now

  • Work Anywhere, Secure Everywhere: 2025 Tech Predictions

    Five years after the pandemic, organizations need a flexible work reset to stay productive and support any work arrangement. Despite the pandemic-fueled workplace shift that began five years ago, companies across industries and geographies continue to increase flexible work configurations. However, many tools adopted during COVID onset remain in place today, and they now need a reset to keep employees productive and secure regardless of location. Security leaders must re-evaluate existing practices and reinvest in zero trust security, passwordless environments, and automation adoption to improve efficiency and productivity. Read Now

  • Guiding Principles

    Construction sites represent a unique sector of perimeter security, especially amidst a steady increase in commercial construction. As in any security environment, assessing weaknesses and threats remains paramount and modern technology, coupled with sound access control principles, are critical in addressing vulnerabilities at even the most secure construction sites around the world. Read Now

  • Empowering 911

    In the wake of the tragic murder of UnitedHealth Group CEO Brian Thompson, media coverage flooded the airwaves with images, videos and detailed timelines of the suspect’s movements. While such post-incident analysis is not new, today’s 911 centers now have access to similar data in real-time. This technological evolution marks a pivotal transformation in emergency response, transitioning from analog calls to a digital ecosystem capable of saving more lives. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.