A shared scenario between many is being in public with a dying mobile devicefranticly looking for a chargerWhen coincidently you find a free charging station calling out your nameYou find a solution, but have you ever thought about the risks of using these public charging stations 

The accessibility of these public USB charging stations is convenient but connecting your device to one can put you in a vulnerable position. With just plugging in your smartphone or laptop, you’re potentially opening up an opportunity for a threat actor to steal data or install malware all without your knowledge. This is known as Juice Jacking 

Unfortunately, many are unaware of this type of cyberattack and its associated threats. So, let us dive in to understand the risks of using public USB charging stations.  

 

What is Juice Jacking? 

Juice Jacking is “a type of cyber-attack involving a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or surreptitiously copying sensitive data from a smartphone, tablet, or other computer device”. So, as soon as your phone connects to another device, it forms a trusted relationship and pairs with it. Meaning the two devices are enabled to exchange data. So, while charging, the USB cord creates a path into your device that a cybercriminal could exploit. And recently, cybersecurity experts and the FBI have been informing the public of the potential risks of these stations, especially during the holiday season. 

 With borders opening up and many returning to traveling, the possibility of one being put in a situation where they’re in need of a charger is high. Now, these USB charging stations can be found in airports, malls, and even hotels, and some of these stations may have been compromised by a cybercriminal. But with almost 90% of people experiencing “Low battery anxiety” when their phone battery is less than 20%, this results in a person most likely using the station. Cybercriminals are aware of this, which is they infect USB cables causing two main threats to the victim’s device. 

 

Types of Juice Jacking: 

First is malware installation. There are times where an individual may connect their mobile device to a malwareinfected USB charging port without realizing. Once the device is connected, the cybercriminal can install adware, spyware, trojans, or in some cases ransomware to the victim’s device without their knowledge. And according to a USB threat report by Honeywell, the rate of malwares transmitted via USB devices climbed from 19% in 2019 to 37% in 2020.  Unfortunately, malwares can be difficult to detect, once within the system it disguises itself as a harmless function. But a way to identify if you’ve been infected is when you notice random notifications popping up on your device or if your device is losing battery quickly.   

-Second is data theft. A cybercriminal could grant himself access to a phone once connected to a compromised USB cable, and this connection is only visible to the power provider which is the criminal. Meaning, as you’re charging your device, your private data is being transferred to the criminal’s device. Hackers are well aware that our mobile devices contain a plethora of personal information which they can benefit from. 

 

How to Protect yourself:  

– The best thing to do is to avoid using these public USB charging stations altogether. But in the cases where you’re in critical need of a charger, then use an AC socket plug to charge your device.  

– Check that your data-transfer feature is disabled in the settings on your device before connecting to any USB cable.  

– Invest in a power bank! They are convenient and a reliable source of power for your device.  

– Use a USB passthrough device. It allows for power to pass through but deactivates the data pin on the USB cable, reassuring the user that its only charging the device without any data being unknowingly transferred.   

In Conclusion: 

The need for your phone or tablet to be running all the time has become a prime need for individuals. This means you may run out of battery any second while you’re out but that does not justify you connecting your device to a random USB charging station. We truly don’t know as to what the USB cable is connected to, and it may be connected to a threatening individual. The risks associated with these stations are severe. So be smart and bring your own source of power to avoid being a victim to data theft or malware.  

 

Be aware and stay safe!  

Share this article:

Newsletter

Popular