You know those free charging stations you see scattered about in airports, malls and other locations? The kind that allow you to plug in your phone or tablet using the USB cord that’s been so thoughtfully provided? Yeah, you might want to skip using those and let your phone go dead instead.
A recent Krebs on Security report revealed that thieves can use those stations to capture video of every move you make on your device while it’s plugged in. How? Most smartphones and tablets have the ability to mirror their displays onto a larger screen, such as a television. Using the feature is a simple as connecting the device via a USB cable.
When you plug your device into the otherwise innocent-looking charging station, thieves capture every keystroke via video, playing it back later to look for passwords and other valuable and vulnerable data.
Krebs is the go-to source for scary stories about how thieves use technology to steal our identities and ruin nice things. Another recent report from Krebs detailed the hard-to-spot differences between a legitimate point of sale terminal and a compromised terminal capable of skimming card data. Another report demonstrated the extreme and obvious vulnerability of a stand-alone ATM machine at a busy grocery store in Northern Virgina.
Some takeaways for facility managers:
• Be careful connecting your device when out in public. Using public wifi – or even charging stations – could expose your data and open up your facility to risk.
• Be aware of potential security issues with any convenience service you provide, especially if it is provided by a third party. If customers’ data is compromised because they used the ATM kiosk inside your business, your name will be associated with the experience.
• Regularly audit your point of sale terminals and other devices that capture data. Keep an eye out for any physical evidence of tampering.