If you are a frequent traveler who doesn’t pay that much attention when plugging your device into public charging stations, now might be the time to reconsider your actions. Authorities have recently alerted citizens to the cyber risks they face with regards to public charging.
Mobile devices are prime targets for theft, and cybercriminals are becoming more sophisticated by the day at gaining access to the information on these devices and utilizing it with malicious intent. One such method being put in the spotlight is “juice jacking,” a type of cybercrime in which a hacker uses public USB ports to install malware on a user’s device and thus steal private and confidential data.
As per the FCC’s notice, cybersecurity experts are warning the community about how easily a perpetrator can leverage public USB charging stations to illegally access electronic devices. While these are being charged through a corrupted USB port, they can lock a device and even export personal data and passwords directly to the wrong hands.
Thus, as a precautionary measure, users should avoid connecting devices to the USB port of an unknown or untrusted computer. When used carelessly, digital tools such as USB keys, media cards and USB chargers can bring harm to your devices.
The FBI announced in a tweet that using free charging stations in airports, hotels or shopping centers is not advisable. Instead, carrying your own charger and USB cord and using an electrical outlet to power your device is the safest charging method when your battery is low.
These days, accessing someone’s device can be practically as invasive and detrimental as breaking into their home. Research has shown that in less than a minute, a malicious charging station can compromise your phone and identify your browsing history, along with other data and information.
Experts add that if you are inclined to use a public charging station, you should be aware of important red flags: losing battery life more quickly; a lag or slowdown in operations; overheating; suddenly altered settings; and/or unusually high data usage.
For those who think they’ve been compromised, it is recommended to delete any suspicious apps, or in worst-case scenarios, perform a factory reset immediately to halt further damage.
To avoid being victimized, adopting a newer USB technology like USB-C or purchasing charging-only cables can be a lifesaver against such data extraction.
Because a device’s power supply and data stream typically pass through the same cable, whenever a prompt asks you to "share data" or “charge only” when you plug your device into a USB port, always select the latter option to best maximize digital safety.
If you are traveling for long periods, you can avoid unreliable charging ports, by instead pre-charging portable chargers, heavy-duty power banks and external batteries at home. This can ensure a safe battery boost while on the go.
Though juice jacking is a real and growing security threat, added features in both iOS and Android operating systems have worked to thus far prevent this type of cyberattack from becoming a widespread problem. Still, despite such good fortune, an ounce of prevention is always better than a pound of regret.
Cybercriminals Target Travelers
Most cybersecurity experts unfortunately agree that around 20% of travelers are subject to cybercrime incidents. As COVID-19 restrictions have subsided, we’ve seen the number of travelers once again surge across borders. More often than not, business travelers are seen as high-value targets, especially those working for corporations, media or government entities. Such prime potential marks should be doubly cautious.
Apart from the aforementioned risk of public device charging, many of the public — or even fake — Wi-Fi spots in hotels, airports, cafes and restaurants can also potentially read and store critical data. Even business hubs and hotel room internet access should not be blindly trusted, as any digital device can be susceptible to these remote connections.
It is a good idea to make sure all your devices are encrypted (with multi-factor authentication) and physically protected from untoward actors gaining access through a biometric scan.
Essentially, cybersecurity is generally built around three main principles: confidentiality, integrity and data availability. When traveling, it can be hard to feel safe with your device, especially if the surroundings are not well-guarded. Keeping data private and preventing unauthorized access to data should always be top-of-mind, as should an awareness of “shoulder surfing” as well.
During your next trip, be advised to stop auto-connecting, keep your device locked when not in use, never click and tell, and guard your mobile device wherever you are.
The more we travel, the more exposed we are to cyberattacks. But these threats can be mitigated with proper security practices. By being cybersmart, you’ll be able to connect with confidence, regardless of your destination.