Protect your charging cables like you protect your passwords, say cybersecurity experts.
We’ve all been there. Your smartphone or tablet is low on power and you’ve left your charging cable at home. There’s no harm in borrowing one from a fellow passenger in the airport departure lounge or from your hotel’s front desk clerk, right?
In 2019, that would be a huge mistake, say cybersecurity experts.
“There are certain things in life that you just don’t borrow,” says Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”Henderson runs a team of hackers that clients hire to break into their computer systems in order to expose vulnerabilities. Since cyberhackers have figured out how to implant charging cables with malware that can remotely hijack devices and computers, his team sometimes uses a trick to teach clients to be less trusting of third-party charging cables. “We might send somebody a swag iPhone cable in the mail. Maybe we have it branded as something innocuous, like a vendor or a partner that they have listed on their website. We send off the cable and see if the person plugs it in,” he says.
Last week, at the annual DEF CON Hacking Conference in Las Vegas — “hacker summer camp,” says Henderson — a hacker who goes by “MG” demonstrated an iPhone lightning cable that he had modified. After using the cable to connect an iPod to a Mac computer, MG remotely accessed the cable’s IP address and took control of the Mac, as Vice reported in play-by-play fashion. MG noted that he could later remotely “kill” the implanted malware and wipe out all evidence of its existence. The enterprising hacker had a stash of so-called O.MG cables that he was selling for $200 apiece.
Malicious charging cables aren’t a widespread threat at this time, says Henderson, “Mainly because this kind of attack doesn’t scale real well, so if you saw it, it would be a very targeted attack.”
“But just because we haven’t yet seen a widespread attack doesn’t mean we won’t see it, because it certainly does work,” says Henderson. “The technology is really small and really cheap. It can get so small that it looks like an ordinary cable but has the capability and the intelligence to plant malware on its victim. These things are only going to get cheaper to produce and it’s not something your average consumer is going to be tracking to know when it becomes viable on a mass scale.”
For the moment, Henderson says, a bigger threat than malicious charging cables is USB charging stations you see in public places like airports. “We’ve seen a couple of instances where people modified charging stations. I’m not talking about an electrical outlet, I’m talking about when there’s a USB port on a charging station.”
“Being careful about what you plug into your devices is just good tech hygiene,” says Henderson. “Think of it in the same way that you think about opening mail attachments or sharing passwords. In a computing context, sharing cables is like sharing your password, because that’s the level of access you’re crucially conveying with these types of technology.”
Many travelers know that, in a pinch, the hotel front desk will often have a drawer of charging cables that were left behind by guests.
Don’t be tempted, says Henderson. “If the front desk had a drawerful of underwear, would you wear those?”
Source : Bloomberg
BREAKING: Obaseki wins again as Court dismisses alleged case of certificate forgery
A Federal High Court in Abuja has dismissed the alleged certificate forgery suit brought against Governor Godwin Obaseki of Edo State by the All Progressives Congress (APC) and one of its members, Edobor Williams.
Justice Ahmed Mohammed, in a judgment a moment ago, held that the plaintiffs failed to prove their claim that Obaseki forged his academic certificates that he submitted to the Independent National Electoral Commission (INEC) before the last governorship election in the state.
The judge found as lazy, the attitude of the plaintiffs, who did no make any efforts to cross-check from the University of Ibadan (UI) and the West African Examination Council (WAEC), the two institutions that issued the certificates they claimed Obaseki forged.
Missing 12-Year-Old Girl Found Alive With Her Throat Slit After 5 Days Inside Soakaway In Delta
12-year-old Blessing Ineh, who reportedly went missing in Abraka, Ethiope East Local Government Area of Delta, has been found alive inside a soakaway.
It was gathered the the young girl was last seen on New Year Day after she was sent on an errand by her parents.
She was found inside a soakaway located behind her family house on Tuesday, January 5, after a child heard her whimpering and raised an alarm.
According to reports by popular Warri online news portal, Warri Aproko, the young girl was abducted by three men, allegedly stabbed on the back and her throat slit before she was dumped in the soakaway.
Her body was found covered in white chalk which seems to suggest that it was a case of attempted ritual murder by suspected internet fraudsters.
The victim is currently receiving treatment in an undisclosed hospital.
Meanwhile, it was further learnt that Blessing revealed that her neighbour identified simply as “General” was one of the men behind the dastardly act.
According to the victim, General was the one who lured and whisked her away in a car. After they were done, the men dumped her inside the soakaway to die.
The suspect is said to have disappeared from the compound since the day the girl went missing.
Business1 year ago
NDDC BOARD: SENATOR PETER NWAOBOSHI AND OTHER SENATORS SCREEN NOMINEES
News8 months ago
Gunmen invade cemetery, exhume, move away with body of Rivers council boss who died of COVID-19
News12 months ago
How Two Secondary School Students Sold Their Colleagues To Ritualists In Ogun State