FBI Issues Cyber Security Warning over using Public Charging Points

The FBI has issued a warning urging individuals and businesses to avoid using public USB ports due to the risk of malware infections. According to a tweet from the Denver FBI office (as reported by CNBC), cyber criminals have exploited charging stations and points located in hotels, airports, shopping centres and more to spread malware and monitoring software.

To minimise the risk of cyber attacks, the FBI recommends that people carry their own wall charger and USB cable and opt to use electrical outlets rather than public USB ports for charging. It is worth noting that public Qi (Wireless) Charging points remain safe to use. Although Apple has implemented a USB security feature for iPhones and Macs that limits data transfer through the Lightning port after an hour of device inactivity, this does not prevent malware installation when devices are connected to public ports during active use. Connecting to a public USB port (or using public USB cables) can leave unprotected devices devices vulnerable to cyber attacks, as hackers could use these as attack vectors to access sensitive information such as; intercepting emails, access browsing sessions to potentially steal account data, passwords or potentially funds from online accounts, and more. These malicious Ports and USB cables can be used to inject malware or other malicious code into your device upon connectivity, to ensure safety individuals should use their personal USB cables and wall chargers for charging in public places.

The FBI has echoed this warning on their website, advising against using public usb ports or charging stations. Additionally, they caution against using public Wi-Fi (see our video on the Dangers of Public WiFi) for confidential transactions, opening suspicious files, reusing passwords across accounts, and clicking on unexpected links in messages and emails. To ensure that your business has complete security against these attack vectors we urge businesses to follow these recommendations and ensure that all of their devices are protected with the best security tools and services available to them, we recommend services such as SASE (Secure Access Service Edge) to act as a cloud based firewall for all of your device, no matter where they are in the world & EDR (Endpoint Detection & Response) for your business Laptops (and other Endpoints) to proactively monitor and stop for any malicious or unusual activity on any of your endpoints, including the monitoring of USB connectivity to ensure that malicious code can not be launched from USB connectivity (an attack vector made popular through the use of “USB Rubber Ducky” and “Rubber Ducky Cables”). In addition to this, our Active Email Threat Protection service can also check links and attachments in emails to ensure that they are safe to open or download, quarantining those that are not safe.

To find out more about our Cyber Security services please reach out to see how we can help your business, you can also download our FREE Cyber Security Self Assessment to see if your business is following the best Cyber Security practices.

Latest News Stories