“Attention. Attention. Your flight has been delayed for three hours.” The first thing most travelers do, when faced with such an announcement, is reach for their smartphone, then grab the charging cord. Wait! That available electronics outlet could be compromised and plugging in could start data flowing into or out of your phone without your knowledge.
The common term for this event is juice jacking. Someone’s corrupted the outlet. If you plug in a USB connector, there’s no way to tell what malware could flow in or what data of yours could flow out of your device. Scary, isn’t it?
Juice jacking has been a known risk since 2011 when researchers from Aries Security first explained the way it works. Since phones are designed to use the same port for charging and data transfer, one cord handles both functions.
The biggest group at risk is business travelers. They often want to keep working until their plane pushes back from the gate. An open outlet is mighty tempting for anyone low on power.
To see just how easily users can be jacked, security firm Authentic8 set up a free charging station at February’s RSA security conference in San Francisco. In their experiment, 80 percent of attendees plugged in with no questions—and these are security specialists.
An Authentic8 spokesman told CCN, “The majority are plugging in no problem. They are at a security conference and they should know better, but they probably feel safe,” he explained. “The others are making fun of them. They just walk by and say, ‘Do people really do that?’”
On the road, it’s smart to carry a battery backup that connects to your phone or laptop by USB. That’s the safest way to recharge and keep using those devices.