FBI Issues Cyber Security Warning over using Public Charging Points
The FBI has issued a warning urging individuals and businesses to avoid using public USB ports due to the risk of malware infections. According to a tweet from the Denver FBI office (as reported by CNBC), cyber criminals have exploited charging stations and points located in hotels, airports, shopping centres and more to spread malware and monitoring software.
To minimise the risk of cyber attacks, the FBI recommends that people carry their own wall charger and USB cable and opt to use electrical outlets rather than public USB ports for charging. It is worth noting that public Qi (Wireless) Charging points remain safe to use. Although Apple has implemented a USB security feature for iPhones and Macs that limits data transfer through the Lightning port after an hour of device inactivity, this does not prevent malware installation when devices are connected to public ports during active use. Connecting to a public USB port (or using public USB cables) can leave unprotected devices devices vulnerable to cyber attacks, as hackers could use these as attack vectors to access sensitive information such as; intercepting emails, access browsing sessions to potentially steal account data, passwords or potentially funds from online accounts, and more. These malicious Ports and USB cables can be used to inject malware or other malicious code into your device upon connectivity, to ensure safety individuals should use their personal USB cables and wall chargers for charging in public places.
The FBI has echoed this warning on their website, advising against using public usb ports or charging stations. Additionally, they caution against using public Wi-Fi (see our video on the Dangers of Public WiFi) for confidential transactions, opening suspicious files, reusing passwords across accounts, and clicking on unexpected links in messages and emails. To ensure that your business has complete security against these attack vectors we urge businesses to follow these recommendations and ensure that all of their devices are protected with the best security tools and services available to them, we recommend services such as SASE (Secure Access Service Edge) to act as a cloud based firewall for all of your device, no matter where they are in the world & EDR (Endpoint Detection & Response) for your business Laptops (and other Endpoints) to proactively monitor and stop for any malicious or unusual activity on any of your endpoints, including the monitoring of USB connectivity to ensure that malicious code can not be launched from USB connectivity (an attack vector made popular through the use of “USB Rubber Ducky” and “Rubber Ducky Cables”). In addition to this, our Active Email Threat Protection service can also check links and attachments in emails to ensure that they are safe to open or download, quarantining those that are not safe.
To find out more about our Cyber Security services please reach out to see how we can help your business, you can also download our FREE Cyber Security Self Assessment to see if your business is following the best Cyber Security practices.
Latest News Stories
Businesses Exposed in MOVEit Data Breach targeted by Ransom Demand
The notorious cyber crime syndicate, believed to be stationed in Russia, known as the Clop group, has sent an ominous warning to victims of a recent global cyber attack. In a message posted on the dark web, the group has urged those impacted by the MOVEit hack to...
London School Forced to Shut Down Amid “Devastating” Cyber Attack
Leytonstone School, situated in Waltham Forest, London, has forced to shut its doors due to a severe cyber attack on the school. The assault on the school's IT infrastructure has been described as "devastating", resulting in a significant quantity of private data...
British Airways & Boots Staff Personal Data Exposed In Data Breach
In a recent disclosure by British Airways (BA), it was reported that all its UK-based staff have had their personal data exposed in a cyber attack. The information compromised in this security breach includes bank and contact details. This breach occurred following an...
Sarah Wroe, Commercial Property Partners
Stayed late on a Friday evening to fix my computer. Thank you
Kim, Intake Transport
Pav is brilliant, always quick to help us and resolve issues meaning minimal impact on our business.
Janine Clerehugh-Owen, Matrix Business Park
Excellent service, immediate call out the following day after reporting issue.