logo

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 859-7140

You are here: Learning Center / Blog / Juice Jacking: The Next Cyberattack

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Juice Jacking: The Next Cyberattack

Juice Jacking is another creative way that cyber attackers are accessing your data. Learn more about the concept and how to prevent it.  

The public must be on guard for any cyberattack that comes their way; however, attackers are creative and are constantly innovating towards the next type of cyber-attack to catch unsuspecting people. Most recently, the concept of “Juice Jacking” has made its way into public attention.

Juice Jacking is a type of attack that uses a charging port, infected cable, or portable battery to access available data on a connected device such as a smartphone or a laptop. Once a device has been infected, attackers can export your data, steal passwords and other personal information, or lock your device entirely making it unusable.

How Juice Jacking works

A conventional USB cable is not only useful for charging your device, but its primary use is to transfer information from one device to another. As soon as a device is connected to a USB outlet, this allows attackers access to devices.

We have all heard of identity thieves putting on card-reading devices, skimmers, or camera on ATMs and other card readers such as at a gas station pump, but attackers are also able to change out USB hardware for another USB port that allows them access to any who connect to the port. Typically, we see threats to our devices in public such as hotels, public kiosks, and airports.

Juice Jacking and Travel

For those people who travel regularly, they rely on the public charging kiosks to keep them connected to family, loved ones, and work while out and about. But USB public charging stations are a prime target for those people seeking to steal and use your personal information.

Attackers can use not only a public kiosk as a way to gain access to your devices, but they can also use an infected cable. Beware to not use cables that are found already plugged into charging stations or you could already have one in your possession as a free gift. It is very easy to mask a cable to look like a brand name item, and most people believe that cables are not capable of holding information maliciously.

Another method to get victims to connect to a power source is to infect portable batteries, and with the rise of shared or rented portable batteries that you can purchase in airports, it has become easier for attackers to gain their victim’s data and move on to the next airport, making pinpointing the problem harder for those trying to stop the attacks.

Preventing Juice Jacking

The easiest way to prevent Juice Jacking is to plug your devices in via your power adapter that normally comes with your device. Another option is to carry your own power bank. A personal power bank can hold enough power for several recharges. Finally, a product that has been developed to combat the threat of Juice Jacking is a USB data blocker, a small adapter that you attach to the end of the USB cable you would like to use that prevents the transfer of data.

100,000 Reasons to Embrace Cybersecurity

You know the stresses of owning your own business. Oftentimes, your company’s data protection falls on the back burner. Recently, a small local accounting firm received notification that their client data was stolen. In order to retrieve the data, they were required to pay $100,000 to a cybercriminal. Given that their business was completely reliant on their data to function, the business owner faced two very difficult choices: pay the data recovery ransom or go out of business. Ultimately, the business owner opted to pay the hefty ransom.

Unfortunately, this type of cyberattack is not unique. Cybercriminals are relentless. The University of Maryland reports there is a new cyberattack attack every 39 seconds.

Cybersecurity is a whole lot like insurance. Until you have to make an insurance claim, you don’t realize just how critical that coverage is. Similarly, until you have been the victim of a cyberattack and forced to pay hundreds of thousands to a hacker just to continue servicing your clients, it can be hard to wrap your head around just how critical proper cybersecurity is.

When you finally start to realize how important cybersecurity is to your company, you should know there are 3 main elements that are critical to IT security:

  • Next-generation antivirus software
  • 24×7 monitoring
  • The right managed service provider (MSP) partner

Update Your Cybersecurity

Many companies are using antivirus software that is more than just a few years old. They may not understand the importance of updating their software and that using legacy antivirus solutions leaves organizations vulnerable to attack. The first step in ensuring solid cybersecurity best practices is to retire any obsolete antivirus products that are still in use within your organization and introduce next-generation antivirus solutions. While these legacy antivirus products (remember Trend Micro and Weber) were effective in the earlier days of cybercrime, they have become less so as cybercriminals have become more and more sophisticated, and nowadays the products won’t detect most virus strains.

24×7 Monitoring

While having effective antivirus tools in place is essential, if no one is monitoring the system, your business is still vulnerable. It takes a double-pronged approach. Say an attack happens on a Friday evening. Most of your data could be compromised before it is detected on Monday morning. It’s one thing to get a virus. It’s another to have 48 hours pass before anyone is aware of it.

VersaTrust has a 24×7 security operations center that is manned by hundreds of security engineers diligently watching for alerts coming in. They are in the position to take immediate corrective action. We know that cybercriminals never rest, and neither do we. We make sure your information is being protected and watched over 24×7.

The Right Cybersecurity Partner

A local company recently shared with us that they had been a victim of a cyberattack – their second such attack in a year. They had a next-generation antivirus system, however, it wasn’t configured properly through their current MSP. As a result, their accounting system was down for over a week. Sadly, this was probably the best of all possible outcomes from a cyberattack such as this. Consider what would happen if your company systems were shut down for a week.

The potential implications of lax cybersecurity practices are sobering. Can your company survive the reputational damage that could arise from data loss or blackmail, or from having your customers’ data sold on the Dark Web, or even prospective class action lawsuits due to a breach? Just like you wouldn’t consider operating without the standard business insurance protocols in place, your cybersecurity requirements cannot be gambled on. Don’t wait until it is time to file that claim.

At VersaTrust we treat your business as if it is our own. We have been serving small- to medium-sized businesses since1997. In addition to using cutting-edge, next-generation antivirus solutions and providing 24×7 monitored rapid response support, we have a series of checks and balances in place that prevent the types of system failures described above. Here at VersaTrust, we are committed to keeping your IT systems safe with a suite of security solutions tailored to your organizations budget and requirements. Contact VersaTrust today to discuss how to best protect your business from cyberattacks.