When I first heard of “Juice-Jacking” it reminded me of years ago when “The Juiceman” was doing late-night TV infomercials on the purported health benefits of vegetable juicing. I admit that I was taken in and actually bought a juicer. I soon started pulverizing carrots, celery, beets, and an odd assortment of other vegetables and created all kinds of vegetable smoothy concoctions. Honestly, most of the time these drinks didn’t taste bad but the juice machine was a pain to wash. So, like most people, I set the juice machine aside and discontinued using it.
“Jay” Kordich aka “The Juiceman and The Father of Juicing” passed away in 2017 long before the term “Juice-Jacking” was coined. And, “Juice-Jacking” has nothing to do with pulverized vegetable drinks.
What is Juice-Jacking?
- In simple terms Juice-Jacking is the process of criminals surreptitiously accessing your phone, iPad, laptop or other electronic device through the charging cable. Everyone knows that a charging cable charges a device but many do not know that USB connections are designed to work as both data and power transfer mediums with no barrier between the two. Your charging cable is also capable of installing malware onto your device or extracting data from your device!
Who is vulnerable?
When you are in a coffee shop, airport, motel or somewhere else and your device battery starts to drain from use, most people use their charging cord at the nearest power port. Most of the time this poses no problems but criminals have developed ways of ‘splicing into” public power ports to turn these power outlets into data-transfer ports and accessing data stored on your device. Very simple and inexpensive devices can be bought on the dark-web that allow criminals to easily “splice into” these public power ports.
Your Private Confidential Data is at Risk!
Usernames, passwords, bank account information and any document stored on your device not separately passworded or encrypted is vulnerable. In addition to these cyber criminals accessing all of your sensitive and personal data, they can install malware on your device capable of exporting data directly to the cybercriminal at a later date. Clandestine tracking software can also be secretly installed on your device so that your every keystroke and physical location can be tracked.
Tips to avoid Juice-Jacking:
First and foremost, know that although not common, Juice Jacking is a real thing. You do not want to become a victim and you can safeguard yourself and your data by taking some simple steps:
- Make it a practice to avoid using all public USB charging ports. A good option is to buy and carry a small portable charging battery commonly referred to as a “Pocket Charger” or “power bank.” These little batteries are inexpensive and can be bought online and at many retailers. You charge them from an electrical power outlet and they will hold a charge for many months. When you need to charge your device just plug it into one of these power banks.
- If you are in locations where using a public charging port is the only option, buy a USB adaptor device commonly referred to as a “Juice-Jacking condom.” This simple inexpensive little device plugs into the power port and you then plug your charging cord into the device. This adaptor allows your devices to be charged but does not permit data transfer. These “Juice Jacking condoms” are readily available on eBay, Amazon and other stores.
Danger Signs
Some of the signs that your device has been accessed by a “Juice-Jacking” criminal can include your device taking much longer to load than usual, your device consuming more battery life than usual or your device “crashing” for no apparent reason, but often there are no obvious warning signs.
Some more modern smartphones have built in protection against “Juice-Jacking” attacks but many other devices do not. Unless you avoid all public charging ports, use a portable battery charger or use a “Juice-Jacking condom” you will likely not know that your device and data has been compromised until it is to late.
BEWARE! Take precautions. Protect your privacy.