Okay; we’ve all been there. You’re at the airport, wrapping up a successful business trip and your cellphone power is running low. You look around for a public charging station while you wait for your seating zone to be called. As you scan the crowded noisy terminal, you spot an open seat with a charging station right next to it. You are exhausted from your trip, your feet ache and you can’t believe your luck!
Image Credit Oct 27, 2015 Cheapflights Tips & News Article
You make a dash to the spot, sit down, plug in and relax for the first time since you set your alarm for the trip. Your flight begins to board, so you unplug and start making your way toward your long awaited flight home. When you scan your boarding pass, you learn you’ve been upgraded to first class! You board, stretch out and relax, and even manage to take a quick nap, waking up just before you land. You get in your car and open up your favorite driving app and see that traffic is light, so you can make it home in time to tuck your kids into bed. Sounds great, doesn’t it?
The problem is that unfortunately, you weren’t so lucky after all. That public charging station may have been hacked and may have compromised and corrupted your phone, resulting in the theft of your data.
This scenario has become a more common occurrence as thieves compromise these charging stations and use them as an entry point into your data. This process works similarly to how your home computer recognizes your phone once you plug it in to transfer photos or other data. Remember that the cellphone USB cord is used for more than charging the phone; it also serves as a conduit to transfer data from the phone to the USB port. A compromised port can trick the phone into transferring sensitive information. This is called “juiced” hacking and although airports are the most common target, you must consider other targets including any public charging station in a park, mall or conference center.
A newer version of juiced hacking is known as “video jacking” where the USB charging port is compromised through the installation of a HDMI splitter and video recorder. This allows the hacker to view and record every screen that you open on your phone and applies to all devices including iPhone, Android and Microsoft platforms. So if you access a banking application, contacts, emails, text or type in your passwords, it is all recorded.
Apple’s OS Operating Software has embedded some safety features like having to “trust” the computer attempting to access the data. While this is a nice feature, the criminals also know about this feature.
So, how do you protect yourself?
To help minimize your risks, you can purchase special charging cords that do not transmit data to charge your phone; they operate by blocking the data pins but keep the power pins open. However, the best way to prevent a compromise to your phone is to just assume the charging station is unsafe and follow the advice of the State of Washington’s CyberSecurity Office, “Your best option is to plug your phone into a wall power socket to guarantee you are only charging your battery”.
Here are some other tips that you should consider.
- Never use a public charging station. If you have to use a public charging station, avoid inputting security-related information such as phone and two-factor authentication passwords as these could be intercepted by others. You can also power-off your phone while it is charging to avoid unauthorized data transfers.
- Plug your phone into an AC power outlet, or a computer you trust using your own USB cable. Another option is to invest in a portable USB battery pack.
- To communicate, only use encrypted apps such as Signal, Silence, WhatsApp or iMessage.
- Use antivirus software that enables your phone and other devices to detect and prevent malware.
- Keep your mobile operating system up-to-date so you will always have the latest bug fixes.
Now that you are informed, you can better protect your phone and data and truly feel lucky with that first-class upgrade!
Article Written by Nathan Martin