September 12, 2019
Public USB Charging Stations Pose Data Security Risk
Imagine this: You’ve arrived at the airport. You check in, and want to tweet about your upcoming adventure. Panic sets in as you look at your phone and realize it has less that 10% battery life left. At your gate, or built into the tables at the airport bar, you see a charging station with USB outlet. You can’t resist. You take your cable, plug your device in, and kind of hope for a short boarding delay to bring your battery back into the green. Unfortunately, despite the convenience, the public USB ports can expose your devices to malware and data breaches.
The 2019 X-Force Threat Intelligence Index ranks the transportation industry as the second-most attacked industry (after the financial services industry) with 566 million records leaked in breaches. But it’s not just booking sites and airlines that need to be careful.
In an interview with Forbes, Caleb Barlow, an executive at IBM Security’s X-Force Threat Intelligence, explains that hackers can alter public USB outlets to access your data or install malware on your device, without you knowing. Alternatively, hackers may leave an ordinary-looking USB stick or charging cable in public, equipped to compromise the privacy of any unsuspecting person who connects to it. According to Barlow, it’s “kind of like finding a toothbrush on the side of the road and deciding to stick it in your mouth. You have no idea where that thing has been…”
The simplest way for jetsetters to protect their information from this kind of attack is to avoid public USB ports. Bring your own chargers, and plug them into electrical outlets (or your own portable power back) rather than a public USB jack. There are also adapters, like the “Juice-Jack Defender,” which plug in between the USB port and your cable and prevent the transmission of data during charging.
Whatever you do, if you find an unattended USB drive or cable, keep walking.