Juice jacking: Did that ‘free’ charging station just steal your data?

The most effective practices to begin implementing to stay ahead of this issue and lay the foundation for solid mobile security

As evidenced by the frenzy of activity surrounding the documents leaked by ex-National Security Agency (NSA) contractor Edward Snowden, corporations and individuals around the globe are concerned with surveillance activity and are taking steps to secure data against secret monitoring. The continual advancement of surveillance technology to garner or steal information is a serious concern for corporations. Mobile devices, ubiquitous among today’s workforce, represent one of the biggest vulnerabilities for security breaches, whether they are company issued or personal devices used by employees for work.

As such, “juice jacking” — the theft of data from a mobile device via public charging stations — is becoming a serious corporate security risk. Specifically, juice jacking happens when a mobile device (i.e. smart phone or tablet) is plugged into a charging station via USB — it does not occur via laptops or devices plugged into wall sockets. Any employee with a smart phone or tablet that is connected to a corporate network can open up exposure simply by plugging his or her dying device into the USB charging kiosk at an airport, business center or conference. These charging stations can be hijacked by hackers and configured to read and copy data from the device and also upload malware to facilitate later exploitation, all without the user’s knowledge that anything is amiss. And hackers are becoming increasingly aggressive and sophisticated — they no longer focus on simply disabling devices, but are trying to get into the data within and see what can be done with it.

Contributing Author

author image

Erik Hammerquist

Erik Hammerquist is a Senior Director of the Computer Forensics segment of FTI Consulting’s Technology practice and is based in Los Angeles.

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.