Juice Jacking: How Hackers Target You at the Airport

Share this post

Here’s a scenario most of us are familiar with, your flight is delayed, and your phone is in the throes of death. You have a plug, but the outlets are not just limited but occupied. Not all hope is lost; the airport now provides USB ports so that you can charge your devices without plugging into a wall socket. You charge your phone, board your flight, and move on with your life.

End of story right? Well, not quite.

When you land, you suddenly notice your phone is acting up. Passwords have been changed, and bank accounts are empty. The charging port you plugged into waiting for your flight was compromised. Putting it simply, you’ve been a victim of Juice Jacking and plugging your phone into that port was the equivalent of writing a check to whatever hacker had previously paid it a visit.

About a month ago, CNN Tech ran an article on Juice Jacking, discussing the exact scenario above. While the article discussed not only that security professionals are aware of the risks, they are actively trying to inform the public of those risks. It also relays how they’ve observed even with security risks actively acknowledged; people tend to set concern aside when their phones are near empty. After all, who knows if that witty Tweet will be as witty after landing, right?

A term first coined in 2011, security firms believe that juice jacking may be the favored way with which hackers access personal information, especially in the coming years, with public ports becoming more mainstream. This is problematic when considering the rise in Ransomware, the hacking trend of 2016 according to CNET.

So where do we go from here? If security firms are aware of the problem and airports are providing ports, surely there’s a safeguard in place to protect users from malicious hacking right? According to an airport official, once a gate is leased to an airline, they’re responsible for anything that happens there, even hacking.

“If the airport doesn’t maintain the USB ports (for example, ones that may be placed in the gate areas, which are leased by airlines), we wouldn’t have control over the equipment, and therefore I wouldn’t anticipate we would have liability for equipment that was not ours,” said one official with Portland International Airport.

The airport doubles down in making certain they’re not held liable. Not only does the onus of responsibility fall to airlines leasing gates, but PDX also opts not to provide ports outside of gates. Instead, they allow a third party company to provide a charging station, for a nominal fee, of course. In other words, if your phone is hacked, you have the option of trying to force the airline you frequent to assist in your plight, chase down a third party company, or pay whatever ransom is being asked to recover your phone data.

More likely than not, neither the airlines or the third party port provider are too terribly concerned with their ports being compromised. According to a CNBC article from back in December of 2016, most people who are victims of Ransomware choose to pay off hackers without involving authorities. CNBC believes the numbers to be close to seventy percent of businesses opting to pay up. While private citizens are becoming more cognizant of the potential risk posed by having a device hacked, Juice Jacking remains on the outskirts of knowledge for most who are comfortable ponying up to ports at airport gates waiting to board flights. Ultimately, with neither airlines nor airports willing to safeguard the ports they provide, the onus of responsibility falls to the user.

Not all hope is lost. Both Apple and Android are taking measures to improve their security to prevent smartphone hacking, and the advent of the portable charger offers an alternative option to public ports. As always, if you find yourself desperately needing to charge your phone, A.C. adapters and power outlets are still safe fallbacks. Though not necessarily plentiful, airports like PDX try to provide an optimum number of outlets for passengers to charge their phones and not risk missing their flights.

The official from the Portland airport stated that:

“Throughout PDX we have many electrical outlets for phone and computer power/charging.”

In fact, she believes that until further notice, USB ports will likely not become widespread. However, it’s important to recognize that PDX is one airport, and deals with far less traffic than say JFK or Dallas, places that have the potential for becoming a hacker’s playground under the right circumstances.

Whether or not Juice Jacking begins receiving more mainstream recognition will likely rely on whether or not hackers up their efforts. Until then, extra security measures as far as public ports are concerned are likely not to occur. For travelers, your best bet is to avoid USB ports as best as possible. Desperate? Well, then chances are, you’re on your own.

If you are as paranoid as us and as addicted as we are to our devices, then a small adapter that removes the data capability of the phone can help to protect you from Juice Jacking.

Some of the links included in this article are Amazon Affiliate links. If you would like to purchase these items, consider using the links provided and help support Neon Dystopia.

One Response to “Juice Jacking: How Hackers Target You at the Airport”

Leave a Reply