Juice jacking! What an interesting statement, one that could mean many different things. Is someone taking away my juice drink? Who is jacking what? Is this a new slang in school? I was tempted to ask my teenager, but that could be quite embarrassing. Hey, Google! What is “juice jacking”? A recent security article featured in the Cyware states that juice jacking involves criminals loading malware into charging stations we may see at public malls and airports with the intention to attack and infect our mobile devices. A seemingly unsuspecting charging port can pose significant risks to your mobile device or your home or office network.
Being creatures of convenience, we find ourselves glued to our phones or tablets 80% of the time. And as soon as our battery gets low, we scramble to plug into the nearest charging stations. Here is where awareness on the existence (and persistence) of threats and maintaining vigilance are seriously needed. Because people will always be at the forefront of the organization, we can be the strongest link (vice the weakest) if we maintain our security awareness. Here are 3 simple practices to protect ourselves.
1. AVOID public charging kiosks no matter how tempting they may be.
2. BRING YOUR OWN power bank, charger, and cable.
3. DO NOT plug into someone else’s laptop.
In addition to juice jacking, avoid getting yourself into trouble by following these easy steps.
- Protect your data by following safe internet practices like minimizing your social media presence. Check your social media regularly and make it a point to Google yourself (what once was considered ‘egosurfing’) on a regular basis.
- Avoid pop-ups, and do not open or click on unknown e-mail messages or links. Make it a point to hover your cursor on a link even if a message comes from someone you know. Phishing exists in emails, chat groups, and messenger apps. If you’re unsure about the legitimacy of an email or other communication, always contact your security department or security lead.
- Use multi-factor authentication where possible and avoid simple and easy to guess passwords. Practice using something you know (password) and something you have (fingerprint) authentication.
- Avoid free WIFI or publicly available WIFI. Remember the free WIFI can equate to free malware or worse, an account take-over. Obtain the virtual private network (VPN) capability on your laptop through the IT group.
- Ensure you have firewall protection enabled at home and at work. Always keep your endpoint protection software updated.
- Do not publish your home WIFI access point. Once you have configured your network, make it a point to HIDE your service set identifier (SSID) or, in layman’s terms, the name of your WIFI access point.
These safe computing practices can keep your sanity and data secure. For more information, continue to check the Aboitiz IT Security Group’s AGORA page: https://aboitiz.workplace.com/groups/aboitizitsecgroup/.
