- Everyone has been in this situation: the smartphone or tablet is discharged, and you forgot the charging wire. It is believed that there is nothing wrong with borrowing a wire from another passenger in the waiting room of the airport or at the reception of your hotel. However, cybersecurity experts say doing so in 2019 is a huge mistake.
- "There are some things that just can't be borrowed," says Charles Henderson, managing partner and head of X — Force Red at IBM Security. — If you were traveling and realized you'd forgotten to bring your underwear, would you ask your companions to lend it to you?" You'd go to the store and buy a new one."
- Henderson runs a team of hackers that clients hire to hack into their computer systems and identify vulnerabilities. Ever since hackers figured out how to inject viruses into charging wires that allow them to remotely hijack mobile devices and computers, his team has sometimes used this trick to wean customers off trusting other people's wires. "We send someone a cool iPhone wire in the mail. Maybe we sign it in some innocuous way, like the name of a supplier or a partner they've listed on their website. We send the wire and see if the person will use it, " he says.
In August, at the annual DEF CON Hacking Conference in Las Vegas (Henderson calls it "summer camp for hackers"), a hacker known as MG showed off an iPhone wire he had modified. By using this wire to connect an iPod to your Mac, MG remotely learned the IP address of the wire and through it gained control of the computer. MG noted that it could later remotely "kill" the embedded virus and erase all traces of its existence. At enterprising hacker had a stock of so-called wire O. MG, which he sold for $200.
Malicious wire poorly spread, says Henderson. "Mainly because an attack of this kind is difficult to scale," he continues. - In General, if you are faced with such, it was a targeted attack."
"But even if we have not seen a large — scale attack, we can not think that this will not happen, because the scheme definitely works," says Henderson. "The technology is compact and cheap... and will only get cheaper, and it's not something the average consumer will know about before an attack is possible on a large scale."
According to Henderson, an even more serious threat than infected wires are USB charging stations that are found in public places like airports. "We know about a couple of cases when charging stations were hacked. I'm not talking about electrical outlets. I'm talking about charging stations with USB ports."
"Being careful about everything you connect to your devices is just good IT hygiene," says Henderson. - Consider it the same as opening email attachments or passing passwords. In the case of computers, passing a wire is like passing a password, because that's the level of access you provide."
Many travelers know that in difficult times at the hotel reception you can often find a box with wires that other guests have forgotten. Resist temptation, Henderson says. "If there was an underwear drawer at the front Desk, would you wear it?"