Juice Jacking and Device Hygiene: Protect Yourself On the Go
“Juice jacking” has been in the news lately. Do you know what this threat is, and how to stay safe? And just how much of a threat is it, anyway?
Here’s everything you need to know about how to keep your devices safe, even when traveling.
What Is Juice Jacking?
Juice jacking refers to a type of cyberattack that happens when people charge their devices. USB ports and chargers are the new standard; practically every new phone charges via USB-C, and so do many modern laptops.
Juice jacking is a somewhat sophisticated technique where the bad guys compromise or hack a USB port that looks like a charger, like a charging station at an airport. When you plug into the compromised port, you may or may not get charged up. But if the hack is successful, you may also pick up malware or other nasty elements.
How Does It Work?
Unfortunately, USB ports and cables do more than just send electricity through to your battery. They also carry data. (iPhone users aren’t immune: Lightning cables are essentially using the same tech, and they do the same thing: some pins charge, and some pins exchange data.)
When you plug into a power outlet using your manufacturer-provided charging block, there’s nothing to worry about. (If someone figures out how to steal your data over the actual electrical grid, we’re all doomed!)
The danger is when you plug into a USB port that you don’t control. Maybe it’s a legit charger, or maybe there’s hardware behind that plate that’s about to seriously ruin your day.
Why Is Everyone Talking About Juice Jacking All of the Sudden?
Good question: it all stems back to this recent tweet from the FBI’s Denver office. The tweet was posted in April 2023 without much context. Many people assumed this was actionable intel, that the FBI knew something about a new threat. The story got picked up by local and national and tech media, and before long, we were in a full-on juice-jacking panic.
How Common Is Juice Jacking?
Even better question: not very.
Slate ran an excellent explainer on this just about a week after the tweet. You can read it for yourself, but basically here’s the deal: the FBI Denver field office didn’t intend to suggest anything new.
It was actually just a slow news day, so they were reposting a PSA-style announcement based on a theoretical threat that’s been out there for years. You could certainly argue that the tweet was poorly worded (“have figured out ways…” sounds pretty current to us!).
The threat of juice jacking is real. But it’s not nearly as easy to pull off as it might seem, and hardware makers have gotten smart to it.
If you have an iPhone running the latest version of iOS, you can test this out. Borrow a friend or coworker’s non-Apple-branded charger. Plug it into the wall, then plug in your phone.
Most of the time it won’t start charging. You might get a “trust this device?” pop-up, or you might be required to unlock your phone and verify the device.
How to Stay Safe
Even though juice jacking isn’t quite the threat it’s been drummed up to be, it’s still something you should be careful about. And the more important or high-profile the user, the greater the need to stay vigilant.
The best plan is to avoid using any random USB port for charging. Use an electrical outlet and a charger that came from either your manufacturer or a trusted third-party name.
As the tech that enables juice jacking gets cheaper and easier to use, this threat certainly could grow worse. So start following the right habits today and you’ll be in good shape if the threat ever worsens.