Australia Markets closed

Why borrowing a phone charger is like ‘borrowing underwear’, ‘toothbrush’: security experts

Security experts are warning against charging your phone with someone else's charger cord or at public USB charging stations. (Source: Getty)

Your phone is running low on battery. That’s normal enough; so you don’t think twice when you ask the hotel clerk or a fellow travel passenger to borrow their charger cord.

But in 2019, that’s a big no-no, security experts warn.

“There are certain things in life that you just don't borrow,” IBM Security’s head of X-Force Red and global managing partner Charles Henderson told Forbes.

“If you were on a trip and realised you forgot to pack underwear, you wouldn't ask all your co-travellers if you could borrow their underwear. You'd go to a store and buy new underwear.”

With hacking and scamming becoming ever-more sophisticated, cyber hackers have by now figured out how to implant charging cables with malware in order to remotely hijack devices.

And while attacks via malicious charging cables aren’t currently a significant threat, that doesn’t mean it won’t ever happen, Henderson said.

“This kind of attack doesn't scale real well, so if you saw it, it would be a very targeted attack.

“But just because we haven't yet seen a widespread attack doesn't mean we won't see it, because it certainly does work,” he told Forbes.

“The technology is really small and really cheap. It can get so small that it looks like an ordinary cable but has the capability and the intelligence to plant malware on its victim.”

This kind of technology will only get cheaper to produce, he added.

“And it's not something your average consumer is going to be tracking to know when it becomes viable on a mass scale.”

Beware of airport charging stations

Strangers’ charger cables aren’t the only things you need to be wary of: you should also steer clear of the USB charging stations at airports, too, where cyber criminals may have modified USB connections to install malware on your phone and download data without you ever knowing.

IBM Security X-Force Threat Intelligence vice president Caleb Barlow compares it to finding a toothbrush on the side of the road and sticking it in your mouth.

“You have no idea where that thing has been,” he pointed out. “And remember that that USB port can pass data.”

So how should you charge your device instead? Plug your own charger into a powerpoint in the wall, or bring a portable power bank.

“Being careful about what you plug into your devices is just good tech hygiene,” Henderson added.

“Think of it in the same way that you think about opening mail attachments or sharing passwords. In a computing context, sharing cables is like sharing your password, because that's the level of access you're crucially conveying with these types of technology.”

What’s the big deal? Surely I won’t be targeted by cyber criminals

Does all of this seem excessive or a little over-cautious?

Actually, cyber criminals are increasingly turning their focus on travellers. According to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry is now the second-most attacked sector, Forbes reported.

You should even steer clear of USBs, which can be modified to have an additional chip inserted into it that can deploy malware.

So if you’ve forgotten your charger cord on holiday, you might be tempted to ask the hotel front desk for one left behind by absent-minded guests.

To that, Henderson would pose the following question: “If the front desk had a drawerful of underwear, would you wear those?”

Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, news and tech news.

Join us for Yahoo Finance's All Markets Summit on September 26, with speakers coming from across Australia and around the world to share their knowledge and experience on the most critical issues facing Australia.