Juice Jacking...and what you should worry about instead

Juice Jacking is back in the news cycle yet again this month. Wikipedia describes it as “…a theoretical type of compromise of devices like phones and tablets which use the same cable for charging and data transfer, typically a USB cable.” While there is lots of research and proof of concepts that exist, there are still no public reports of actual juice jacking attacks. All of that being said, the general guidance of using an AC adaptor to charge in public (instead of plugging your USB cable directly into chargers) is still good advice, and cannot hurt.

What current threats should you actually worry about?

Phishing from a compromised source: While your business may have great cybersecurity, you cannot always say that about all your vendors and customers. What happens if a vendor gets hacked unknowingly, and their email is used to redirect your payments? Operational policies such as requiring a phone call to verify any change in payment or other critical requests can help defend against these situations.

Insider threats: the incident of leaked US military documents is fresh on everyone’s mind, and has rekindled concerns about insider threats. This can include employees who intentionally or unintentionally compromise sensitive data or systems. Policies and procedures should be implemented to monitor, manage, and regularly review employee access to sensitive information and systems.

There are simple yet effective controls for many attacks such as these. Ready to build a more formal cybersecurity program? Let us help.