Don’t Let Your Employees Fall for a Juice Jacking Attack!

Don't Let Your Employees Fall for a Juice Jacking Attack!

Humans have limited predatory cyberattacks to threats such as malicious websites, phishing emails, and insecure networks. Unfortunately, cybercriminals don’t relent, and they constantly devise new tricks. For example, charging at public USB power stations could make you vulnerable to ransomware. This is Juice Jacking, and its address is pertinent.

What is Juice Jacking

While the term Juice Jacking sounds a bit comical, it has been theoretically proven to be a severe form of cyber threat. Simply put, it is a modified version of charging ports, redesigned for malware delivery or data breaches

In some cases, a charging cable or an AC adaptor is exploited to hijack a power source and channel their nefarious intention to a victim’s device when plugged in. They can mirror the device screen for passwords, place tracking programs, or install malware when this is achieved.

This method is easier for cybercriminals since these charging ports are frequently seen in malls, hotels, airports, and public gatherings and are occasionally used by people. This further validates how ideal this target is for cybercriminals and how dangerous it can be for their victims.

Is this a threat to my organisation?

After the Los Angeles County District Attorney’s Office declared Juice Jacking a real threat, most citizens became aware of the risk associated with randomly plugging devices at public USB power stations.

As a CEO, you can also be exposed to the negative effects of juice jacking through your employees. One of them might unknowingly plug a device issued by the company into a charging port at the airport or other transit points.

A cybercriminal might be lying low, awaiting an opportunity to exploit the connection and hijack the company’s resources through the device. This is nothing but an ideal route for the theft of sensitive information and malware delivery.

How much damage would it cause?

If the attack is successful, you should expect major damage to your organisation. It can reduce customers’ trust, lower your market share, and even affect your position as a business owner.

Your finances and reputation will be influenced by the security breach.

  • Financial impact: your company might lose a contract, some money (probably a large sum), payment card details, bank details, and corporate information. There might also be a restriction to carrying out online transactions, which will disrupt trade processes. 
  • Impact on reputation: The organisation’s relationship with customers will wane once there is a whiff of insecurity. Your reputation will be damaged, and you will experience low profits, low sales volume, and a low number of buyers. This can also affect your suppliers and reduce your chances with investors and partners.

Other Impacts:

  • Legal impact: falling victim to juice jacking will compromise the security of your staff or customers’ data. This breach of privacy laws and data protection will attract regulatory sanctions and huge fines.
  • Effect on Operation: if malware is installed into a company-issued device through juice jacking, the business website might become non-functional, and the computers might behave untowardly. In fact, the organisation’s Web servers might be completely shut down, closing its online services and preventing access by customers and clients alike.

How to Protect Your Organisation Against Juice Jacking

  1. Educate your employees.

Educating and training your employees on juice jacking is one of the most important ways of protecting your organisation. Cyberattacks have advanced to the point where cybercrimes like Juice Jacking are unheard of. Therefore, it is vital to educate personnel to properly tackle the problem.

     2. Encourage a BYOC (bring your own cable) attitude.

Remind employees that travel long distances regularly and usually charge their phones in public charge stations to carry their own chargers. This way, their device can remain malware-free and secure.

     3. Use charge-only cables

Specific phone cables exist that are only used for charging, known as charge-only cables. These cables have no additional ports or cables for data transmission on these chargers. It takes two points to charge the smartphone. So even if you end up charging your devices at a public charging station, you will be immune to Juice Jacking.

     4. Get a “safety jacket” for your USB cord.

According to cybersecurity experts, one of the best ways to protect yourself from juice jacking is to get a USB condom. These “condoms” are attachable protective devices that disable the data pin on your USB, thus preventing it from sending and receiving data. 

     5. Invest in portable chargers

Employees can use portable chargers to prevent their devices from running out of battery power and going to public charging outlets.

Why not make portable chargers available to travelling staff? It can help protect company data by ensuring that employees have a reliable source to plug into.

Are your employees at risk of juice jacking? GKM2 can help protect your company from data breaches. Visit our website or call us at +61 2 9161 7171.