Cybersecurity

FBI Warns Against Using Public USB Charging Ports

"Juice jacking" is when criminals use public USB ports to infect devices with malware and monitoring software

NBC Universal, Inc.

Free public charging stations in airports, hotels, and malls are a convenience, but you may want to think twice about using them.

The FBI is warning consumers about what they call “juice jacking.” They say bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices.

STAY IN THE KNOW

icon

Watch NBC10 Boston news for free, 24/7, wherever you are.

icon

Get Boston local news, weather forecasts, lifestyle and entertainment stories to your inbox. Sign up for NBC Boston’s newsletters.

While it is a legitimate method to attack a target, cybersecurity experts at Cyber Ark Labs haven’t seen much evidence of this happening.

“While this is an important issue, it is a really uncommon thing,” said Andy Thompson, an offensive security research evangelist for Cyber Ark Labs.

“Be careful of public services, whether it be a public charging station or a free and open Wi-Fi.  Attackers will be able to compromise your devices if you connect to an unknown untrusted network or a USB cable,” said Thompson. “For me it’s about passwords and multi-factor authentication. If I had to advise anybody on what they ought to, do it’s really about making sure that your passwords are unique and complex.”

Thompson also notes that ‘juice jacking’ tends to be more targeted at individuals.

In addition to avoiding public charging stations, the FCC has tips to help you keep your information safe:

  • Bring ac, car chargers, and your own USB cables with you when traveling and plug into an electrical outlet.
  • Carry a portable charger or external battery.
  • Consider carrying a charging-only cable, which prevents data from sending or receiving while charging, from a trusted supplier.
  • If you plug your device into a USB port and a prompt appears asking you to select "share data" or “charge only,” always select “charge only.”

If you do find yourself connected to a public WiFi network, don’t conduct any sensitive transactions, including purchases.

Contact Us