As the Christmas season is fast approaching and many are scheduled to meet their near and dear ones for the holidays, security experts are warning them to be aware of Juice Jacking Cyber Attacks while on travel.
Juice Jacking can be defined as a cyber-attack which involves malware infections spreading through USB charging ports installed in airports and rail transits. As charging ports double as data connections for smartphone users, the chances of installation of malware or malicious copying of sensitive data from the smartphone, tablet or other computing devices by the malware installed in USB charging ports become customary.
Currently, there is no evidence of such attacks. But a team of researchers from Georgia Institute of Technology released proof in 2013 that hackers are using certain tools dubbed as ‘Mactans’ to carry on juice jacking attacks on USB charging ports being used by Apple Devices. They are shown proof of concept at the Blackhat USA security briefings held in 2013 and 2014 on a consistent note.
In support of the claims made by the security researchers above, a team of security analysts from Symantec also disclosed their findings on an attack they dubbed as “Trustjacking” during the 2018 RSA Conference.
Apple has addressed this security issue by no longer allowing its devices to mount as a hard drive as soon as they are connected to a USB port. However, Google’s Android operating system has to improve a lot on this note- although the Android 8 & 9 operating systems did offer security patches to such vulnerabilities such as those exploited by Mactans since 2018.
Note- Juice Jacking is not possible if the device is being charged by the AC adaptor supplied by the device manufacture when the user charges the device with a power bank or using a USB cable which only does power charging. Also for those who are apprehensive about connecting their devices to public ports, usage of SyncStop can be carried out as its sole purpose is to disallow data connections via USB cables.
