By Zachary Amos, Features Editor at ReHack
Much can be said about people and their beloved mobile devices. Some just can’t get enough of the latest trends on social media. Others only need their phones for business calls and company tasks. Mobile devices are a necessity nowadays, especially since everything is accessible with just a few taps.
What Is Juice Jacking?
Everyone should understand that cybersecurity is a necessity now more than ever. New risks arise every year. Last April, the Federal Communications Commission warned the public against the threat of juice jacking.
Juice jacking is a cyber threat where criminals load malware into public USB ports in airports and hotels to access people’s phones illegally. When people plug their phones into those hacked ports, criminals steal critical data like passwords and lock devices. The stolen information can then be used to access online banking and other accounts or sold to a third party.
Should You Worry About It?
You should be aware of juice jacking scams. Today, people always have their phones with them. Mobile phones usually contain personal data and other sensitive information that can be abused if accessed by malicious users.
It always pays to be vigilant when using public systems, especially USB ports. While the prospect of free charging can be enticing to many, it certainly comes with risks.
Protect Yourself From Juice Jacking
To best protect any personal data from juice jacking, keep the following steps in mind.
1. Carry an Extra Power Source
Powerbanks are another excellent option for people who need to top up their mobile devices. These devices are a life-saver when traveling and are small enough to slip inside a pocket or bag compartment.
2. Use Charging-Only Cables
If charging is essential, consider using a charging-only cable. This reduces the risk of plugging into a compromised USB port, denying would-be hackers access to your personal data and other sensitive information.
3. Use AC Power Outlets If Necessary
Carrying a personal charger is always a good practice, especially for people on the go. Having a spare in the car or inside a bag for emergencies never hurts.
4. Use Public USB Ports for Charging Only
If you connect to a public port and a prompt appears asking to “Share Data,” be alarmed immediately. Choose “Charge Only” among the options if charging is necessary.
Modern Age, Modern Threats
Companies have developed sophisticated devices that hackers can take advantage of. One of these devices is the O.MG cable, which testing professionals use to access systems and snoop on data from the connected device. It looks like any ordinary iPhone cable, only it has a tiny web server implant, USB communications and Wi-Fi access.
The cable is available in various configurations like USB A to Micro, USB C to Lightning, and USB C to C. It can pull off keystroke injection attacks and be used to launch software applications, download malware and save passwords. It’s a stealthy, unassuming-looking tool that can be damaging in the wrong hands.
Travelers and ordinary people unaware of this cyber threat can be easy targets for criminals. With open access to victims’ devices, malicious individuals can easily juice jack iPhones, Android phones and other mobile devices. The owners would be none the wiser. When — or if — they realize their devices have been compromised, it would be too late.
Ensuring Cybersecurity for Businesses
On a broader scale, juice jacking attacks are just one of many threats people can be vulnerable to regarding cybersecurity. Criminals see ordinary citizens as easy targets, but the same applies to company employees.
Criminals choose targets based on their vulnerabilities. As businesses try to keep costs down, they also sacrifice a lot regarding cybersecurity. Small businesses tend to be less fortified than corporations, making them a prime target for cybercriminals. A 2019 data breach report showed that 43% of cyberattacks are data breaches against small businesses.
Another compelling reason companies should take cybersecurity more seriously? To save time and resources from going into repairs and investigations. Protecting sensitive company information and personal data of employees and maintaining optimal performance of systems should be prioritized.
Employees must be trained in various levels of cybersecurity, including teaching them how their personal devices can be used for malicious purposes by bad actors. Employees should be able to recognize threats like juice jacking and understand that even a simple charging cable can compromise the company’s data and theirs.
Cybersecurity Is Everyone’s Concern
Juice jacking is one of many cybersecurity threats on the horizon. Fortunately, a little vigilance can go a long way. Being aware of the risks and taking proper precautions can be the difference between being safe and getting taken advantage of.
As the Features Editor at ReHack, Zac Amos writes about cybersecurity, artificial intelligence, and other tech topics. He is a frequent contributor to Brilliance Security Magazine.
.
.
Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.