In the age of the smartphone, charger sharing seems like a no brainer. If you’ve left your charger behind while you’re on a trip, or if you’re just visiting a friend’s house, it’s easy to ask to plug your phone in until it’s good to go.
Doing so, however, may compromise your cybersafety.
See, we live in more than just the age of the smartphone. This is also the age of the hacker. As has been exhibited on a global scale many times over, information stored in industrial clouds isn’t always as safe as we’d like to believe.
But can someone else’s charger really compromise your phone’s security? Charles Henderson of X-Force Red at IBM Security says yes.
The reality of cybersecurity In 2019
IBM serves as one of the forerunners in technological security for the modern age. Henderson, as mentioned above, sits at the head of IBM’s team of hackers. This team gets to work with clients who want them to hack their way into existing business’s security systems.
They’re not doing so to gain access to your private information – they’re doing so to discover the short-comings of their client’s security systems.
Nowadays, the malware that can compromise a business’s financial data doesn’t have to be delivered by spam email – although spam is alive and well. Instead, a competent cyber hacker can gain access to implant charging cables and lace those cables with malware.
Once an unsuspecting traveler has plugged in their phone, the hackers can strike – and all of their data can disappear down the drain.
Henderson notes that this kind of infiltration can come in many forms. Not only can cyberhackers set up charging stations at airports or in malls, but they can send compromised chargers to business elites as part of anonymous swag baskets. In short, the professionals at IBM firmly believe that any charger that you don’t buy yourself is one that you need to avoid.
Exhibitions at DEF CON
Information about charger hacking isn’t limited to the security sphere. 2019 saw hackers attending Las Vegas’s DEF CON hacking conference display the practice to rapt crowds.
The presenting hacker, known primarily as MG, made the process look simple. He physically modified an iPhone lightning cable and, after plugging the cable into an available Mac, was able to use the cable to control the Mac from an entirely separate device.
There’s more to the process than that, however. Not only could MG access Mac’s files, but he could “kill” the connection between the charger and the computer. This kill switch wiped the Mac and charger alike of any evidence that would suggest a) that the Mac had been hacked, and b) that the charger had been used to do so.
Think that’s scary? MG proceeded to sell his cables – known as O.MG cables – to the attendees present at the conference.
It’s abundantly clear, then, that the world of cybersecurity hacking is not confined to the shadowy professionals pop culture says it is. Instead, attacks against private data can come from any direction, so long as the person behind those attacks is either adept enough with technology to prepare the hardware themselves, or has access to someone with that level of skill.
Exploring existing malware threats
Henderson does note, however, that chargers have yet to be used in a mass-scale data hack. Even as hackers like MG are selling devices that would make these hacks easier, the most notable attacks have been conducted through social media platforms like Facebook.
That said, chargers are inexpensive and increasingly-necessary. To the untrained eye, a modified charger will look like any other, meaning that they’re ideal for hackers with ambitions big and small.
Even so, the IBM team is currently more concerned about the safety hazard presented by charging stations set up in malls and airports across America. These much-less-subtle safety hazards require users to plug their devices straight into external USB drives – a much riskier move than, say, plugging a charger into a wall.
Even so, the safety procedures decrying both practices have the same core. If you want your personal data to remain private, you need to be careful what kind of devices you plug it into. The world of technology is ever-changing, and as it does, you’re the only person responsible for keeping your data clean.