DHS Project Finds Security Vulnerabilities in First Responder Apps

DHS Project Finds Security Vulnerabilities in First Responder Apps

The DHS’s Science and Technology Directorate “Securing Mobile Applications for First Responders” report said that security flaws were discovered on 32 of the 33 popular apps tested.

  • By Jessica Davis
  • Dec 20, 2017

A pilot project launched by the Department of Homeland Security has discovered critical flaws in 18 mobile apps used by public safety officials to respond to emergencies. The DHS’s Science and Technology Directorate “Securing Mobile Applications for First Responders” report said that security flaws were discovered on 32 of the 33 popular apps tested.

The department established the program in partnership with the Association of Public Safety Communications Officials and mobile app vetting company Kryptowire to test the cyberattacj vulnerability of apps used in the public safety sector. The Mobile Application Security project aims for continuous validation and threat protection for mobile apps and the security integration throughout the lifecycle of these apps.

For their study, participants selected 33 popular iOS and Android apps and tested each app’s security, privacy, and information and device access. Potential security and privacy concerns, such as access to the device camera, contacts or SMS messages, were discovered in 32 of the 33 apps, DHS said. “Critical flaws” were found in 18 of the apps.

Pilot project leaders worked with each app developer to fix the identified vulnerabilities in 14 mobile apps. According to DHS, most developers reported spending about one hour remedying their app’s vulnerabilities, with solutions including the removal of old or unused code, the enabling of built-in security provided by the operating system, and confirmation that the functionality requested is necessary for operations.

Project leaders stressed the usefulness of an ongoing app-testing program for the public safety community and the public at large.

“As more apps are adopted for public-safety missions, it is critical that a formal, ongoing app-evaluation process with incentives for developer participation be adopted to ensure current and new mobile apps are free of vulnerabilities,” said John Merrill, Director of the S&T FRG Next Generation First Responder Apex program.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • 2025 Security LeadHER Conference Program Announced

    ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now

    • Industry Events

  • Report: 82 Percent of Phishing Emails Used AI

    KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organizations at the start of 2025. Read Now

  • NRF Supports Federal Bill to Thwart Retail Crime

    The National Retail Federation recently announced its support for the Combating Organized Retail Crime Act of 2025. The act was introduced by Chairman Chuck Grassley, R-Iowa, Senator Catherine Cortez Masto, D-Nev., and Representative Dave Joyce, R-Ohio. Read Now

  • ISC West 2025 Brings Almost 29,000 Industry Professionals to Las Vegas

    ISC West 2025, organized by RX and in collaboration with the Security Industry Association, concluded at the Venetian Expo in Las Vegas last week. The nation’s leading comprehensive and converged security event attracted nearly 29,000 industry professionals and left a lasting impression on the global security community. Over five action-packed days, ISC West welcomed more than 19,000 attendees and featured 750 exhibiting brands. Read Now

    • Industry Events
    • ISC West

  • Tradeshow Work Can Be Fun

    While at ISC West last week, I ran into numerous friends and associates all of which was a pleasant experience. The first question always seemed to be, “How many does this make for you?” Read Now

    • Industry Events
    • ISC West
Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.