Thursday, March 5, 2020

Word of the Day: juice jacking

 
Word of the Day WhatIs.com
Daily updates on the latest technology terms | March 5, 2020
juice jacking

Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device's power supply passes over the same USB cable the connected device uses to sync data.

Juice jacking exploits are a security threat at airports, shopping malls and other public places that provide free charging stations for mobile devices. At the time of this writing, the risk of becoming the victim of a juice jacking exploit is thought to be low, but the attack vector is real and is often compared to ATM card skimming exploits from years past. Both juice jacking and card skimming rely on the end user feeling confident that the compromised hardware is safe to use.

How juice jacking works

Juice jacking is a hardware-focused Man in the Middle (MitM) attack. The attacker uses a USB connection to load malware directly onto the charging station or infect a connection cable and leave it plugged in, hoping some unsuspecting person will come along and use the 'forgotten' cable.

USB ports and phone charging cables are the most common targets for juice-jacking attacks. Other less common devices that may be used in this type of exploit include USB ports in video arcade consoles and portable battery power banks.

How to protect against juice jacking

Users can guard against juice-jacking attacks by purchasing a protective attachment called a USB condom. A condom is a device that connects to a charging cable and sits between the device's charging cable and the public USB charging station.

USB condoms block connections to all the pins in the USB male connection except one - the pin that transfers power. The condom prevents the pins that transfer data from establishing a connection, while still allowing the pin that charges the device to connect. Continue reading...

Today's Takeaway

 

"Modern offices have embraced an apparent contradiction, equipping their staff with everything necessary to be mobile: laptops, tablets, and smartphones. These devices bask in the tension between the freedom to roam and the need to stay connected, but all that equipment requires charging." - Yuval Boger

Today's Buzzwords

 
hybrid threat
File sharing over a USB port or via Bluetooth can result in a malicious application being installed on a smartphone without the user's knowledge.

mobile security
Attack targets include smartphones, tablets, laptops and shared computers at hotels, conferences and airports .

hotspot tethering
Mobile hotspot tethering enables a Wi-Fi-enabled device to access the internet by connecting to another device's cellular data network.

public hotspot
While the general public loves connecting to free Wi-Fi, most people rarely consider security threats that could compromise their expensive mobile devices.

Quiz

 
A ________ is an undocumented way to bypass customary security mechanisms.
a. backdoor
b. gateway
Answer

Stay in Touch

 

Thank you for reading! For feedback about any of our definitions or to suggest a new definition (or learning resource) please contact us at: editor@whatIs.com

FOLLOW US
TwitterRSS
About This E-Newsletter
The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List 		TechTarget
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)