You have just passed TSA airport security. Now you are heading to your gate. You notice that your phone needs to be charged so you can binge-watch the movies on your long flight. Panic sets in as you look for your phone charger cord. You realize you forgot it at home. You don’t want to spend $20 at an airport store for a cheap charger cord that you can get online for $7. You don’t want to spend your time on the flight reading an airport magazine and listening to someone next to you talk for three hour about their latest vacation with dolphins.
What can you do?
You can find two lemons and some steel nails to make your own phone charger. Imagine what the TSA would think if they saw you building something similar.
But wait! But wait! You run over to find the exact cable you are looking for. It’s inviting you to plug your phone in to charge it. Problem solved! You smile and realize that you’ll soon be fully charged up and ready for action.
What could go wrong?
The answer is “juicejacking.”
Forbes Caleb Barlow, Vice-President of X-Force Threat Intelligence, IBM Security, stated that their research shows that a growing number nation-state cybercriminals are targeting travelers and taking to airports. The transportation industry is now second most attacked, up from tenth in 2017. Why? Why?
Barlow also warned about the free, quick-charge charging stations for cell phones that are often found in airports. These charging stations could be modified by cybercriminals. How? They could also infiltrate the supply chains as these devices are being made and insert their malware (that’s already happened). They could also insert a small device between the connector for a smartphone and the legitimate cable (another common trick). The attackers can then download data from your phone, such as contact lists, photos, texts messages, and corporate documents, or infiltrate it. Or they could infiltrate (upload malware onto your phone).
Barlow puts it like this: “Plugging in a public USB port can be kind of like finding a toothbrush along the side of the road and then deciding to stick it into your mouth.” “You don’t know where it has been.” (And that leaves you with a mental picture you will soon forget). ).
This is known as juice-jacking in the security world.
Here’s the technical background. There were once dedicated charging ports for smartphones. To use them, you had to plug in a special charger that connected to a wall power outlet. Those days are gone. Smartphones have USB ports that can double as data ports or charging ports. You could get not only electrical current to your phone, but also unwanted malware or personal data.
These devices can help
You can attach small devices that look similar to a USB flash drive between your portable device and the charging port. These devices block the USB data pin connections, so only power can be sent to the device. They are often called the Juice-Jack Defenders or SyncStop, and can cost anywhere from $7 to $12. These devices are used to prevent infected USB flash drives from infecting computers (or vice versa). These devices use “full-size” USB connectors (USB–A) and not the Mini–USB or Micro–USB connections found on smartphones. They won’t protect your smartphone from infected charging stations.
There are several options. There are a few options. One is to buy a cable that connects to your phone on one end and to the wall power outlet on another end. This will allow you to charge your smartphone directly from the wall outlet. Sometimes, it is difficult to find a wall power outlet at busy airports.
A portable power bank is the best option. This is basically a battery you can charge and then take with you to charge your smartphone. A 2.4 amp, 12 watt, or 15k mAh device is the best choice. This can charge one smartphone quickly, and it can be charged up to five times before the battery needs to be recharged.
You might leave it in your suitcase, regardless of which option you choose. This will ensure that you don’t forget it when you return home.
But
