All of us have been there. You’ve forgotten your charging cable at home and your smartphone or tablet is running low on battery. There’s no harm in getting one from a fellow traveler in the airport’s departure area or from the front desk employee of your hotel, right?
It would be a grave error in 2019, according to cybersecurity experts.
Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security, asserts that “there are some things in life that you just don’t borrow.” “You wouldn’t ask every travel companion if you could borrow their underwear if you were on a trip and realized you forgot to pack underwear. You would visit a store and purchase new underpants.
Henderson leads a group of hackers that companies can hire to access their computers and find security holes. His team occasionally employs a tactic to train clients to be less trusting of third-party charging connections in light of the fact that cyberhackers have discovered how to infect charging cords with malware that may remotely control devices and PCs. “We might mail someone a promotional iPhone cord. Perhaps we’ll market it as something innocent, like a partner or vendor that they list on their website. We deliver the cable and watch to see if the user plugs it in,” the man claims.
An iPhone lightning cord that had been altered was exhibited last week at the annual DEF CON Hacking Conference in Las Vegas, which Henderson refers to as “hacker summer camp.” The hacker with the handle “MG” goes by. As Vice described in detail, after utilizing the cable to link an iPod to a Mac computer, MG remotely accessed the cable’s IP address and commandeered the Mac. MG remarked that he could later remotely “destroy” the malware that had been inserted and remove all traces of it. The resourceful hacker was making money by selling his stock of ‘OMG cables’ for $200 each.
According to Henderson, malicious charging cables aren’t currently a major concern, “mostly because this kind of assault doesn’t scale very well, so if you saw it, it would be a very targeted attack.”
Henderson adds, “But just because we haven’t seen a widespread attack yet doesn’t mean we won’t see it; it definitely works.” “The technology is very compact and very affordable. It can shrink down to the point that it resembles a regular cable, yet it is capable of implanting malware on its target and is intelligent enough to do it. The cost of making these items will only decrease, and the typical consumer won’t be keeping track of this development to determine when it will be commercially feasible.
For the time being, USB charging stations found in public spaces like airports, according to Henderson, pose a greater concern than rogue charging cables. “We’ve observed a few occasions where charging stations were altered. When a USB port is present on a charging station, I’m not referring to an electrical outlet.
It’s simply basic tech hygiene to be cautious about what you plug into your gadgets, according to Henderson. “Consider it in the same light as opening email attachments or disclosing passwords. Sharing cables is equivalent to sharing your password in a computing context because that’s the amount of access you’re essential transmitting with this kind of technology.
Many tourists are aware that hotels frequently have a drawer of charging cords on the front desk that can be used in an emergency.
As Henderson advises, resist the urge. Would you wear those if the front desk had a drawer full of underwear?