By Md. Alim
Assistant Professor
Department of Forensic Science, Kalinga University
In the current society of science era, computer device such as smartphone, tablets, smart watches use by the every person. Smart device is equipped with the multiple function like photography, money transactions, and video recording, among others. The digital devices are battery operated and charging has also become sophisticated. Users utilize universal serial bus (USB) by connection with adapter or charging station with power connection to charge up there device battery. The data/power cable utilized as common or in the public charging station facilitates the easy illegal access into the devices.
Juice jacking is a sort of new kind of cyber-attack in which cybercriminals victimize peoples at a public charging station. Cyber criminals mostly compromise the digital devices through the USB port to install malware and steal data. When users connect their devices to infected charging ports, they unwittingly permit hackers to access their data or install malicious software without their awareness.
Juice jacking is a device-centric Man-in-the-Middle (MitM) attack. Attackers take advantage of a charging connector’s ability to transfer data simultaneously. A good example of a juice jacking gadget is a USB connector, which has five pins. However, only one of the five pins is needed to charge a device that is attached, and only two of the five pins are needed for data transfer. With this technology, a user can move files from a mobile device to a computer while the device is plugged into a charging station. The most well-known gadgets used in juice-jacking attacks are USB ports and phone charging connectors. Other out-of-the-ordinary devices that could be employed include USB ports in the video arcade control panel and multipurpose battery power banks.
Through the use of juice jacking, a perpetrator can duplicate confidential data from a mobile device, such as voicemails, contacts, documents, passwords, and messages. People might not even be aware that they are being attacked or how the attack worked until they discover that their device has been compromised. The law enforcement agency from USA like FBI, the Federal Communications Commission (FCC), and Indian enforcement agency like RBI, and the Indian Computer Emergency Response Team (CERT-In), functioning under the Ministry of Electronics and Information Technology issued warnings regarding the juice jacking as new trends by criminal in digital space. They publish regular warning to not to use the digital device or charging station from the public places like cafes, hotels, airports, shopping centres, to recharge their digital device. The law enforcement agencies also regulating the preventive measure to avoid juice jacking attack. However, there are five easy ways for consumers to prevent device compromise. The first piece of advice is to avoid placing their phone directly into a USB charging connector. To protect your data, use a two-prong electrical connector. Second, never use the included cord or another person’s two-prong attachment as they may be infected with malware that makes it possible for someone to steal your personal information. Using a “sync stop” technique is your third choice if you want to keep hackers out of your phone. Fourth, while charging, make sure your phone is locked or switched off. Most phones limit who can access your data when they are locked or switched off. Fifth, be cautious while putting your trust in people; always carry a portable power bank to keep your phone charged.
Additionally, patching security flaws and fortifying defences against potential attacks emphasize how important it is to maintain up-to-date smartphone software and make use of a virtual private network (VPN). In order to provide an additional line of protection against malevolent attempts, we also consider installing malware or virus detection software.
References
Kalinga Plus is an initiative by Kalinga University, Raipur. The main objective of this to disseminate knowledge and guide students & working professionals.
This platform will guide pre – post university level students.
Pre University Level – IX –XII grade students when they decide streams and choose their career
Post University level – when A student joins corporate & needs to handle the workplace challenges effectively.
We are hopeful that you will find lot of knowledgeable & interesting information here.
Happy surfing!!