Answer Writing Practice for UPSC IAS & UPPSC Mains Exam: Paper - IV (General Studies – III) - 25 June 2020

Answer Writing Practice for UPSC IAS Mains Exam


Answer Writing Practice for UPSC IAS & UPPSC Mains Exam


UPSC Syllabus:

  • Paper-IV: General Studies -III (Technology, Economic Development, Bio-diversity, Environment, Security and Disaster Management)

Q. How big is the threat of Juice Jacking? Suggest measures to protect data from Juice Jacking. (250 words)

Model Answer:

  • Why in News?
  • Introduction
  • Mechanism of Juice Jacking
  • The extent of the threat of Juice Jacking
  • Measures to protect data from juice jacking
  • Conclusion

Why in News?

State Bank of India has recently issued a warning of 'Juice Jacking' also known as USB charging scam. Cyber-attacks along the lines of Juice Jacking are gaining prominence day-by-day.

Introduction:

The term ‘Juice Jacking’ was first used by Brian Krebs in 2011 after an experiment at DEF CON by Wall of Sheep. Juice Jacking is a new-age nefarious technique that can infect mobile phones with malware at public spaces such as airports, cafes, bus stands, train stations, etc. Once the device is plugged-in and the connection is established, it either installs malware or secretively copies sensitive data from a smartphone, tablet, or any other computer device.

Mechanism of Juice Jacking:

  • The USB port is often used as a medium for data transfer.
  • A regular USB connector generally has five pins, where only one is needed to charge the device. Two of the other pins are used for data transfers.
  • Public USB ports may be tweaked and it may tend to open up the options to transfer files between devices.
  • The attacker here often uses off-the-shelf hardware that gets installed on the charging port of public charging boards, specifically designed to breach security and gain access to connected devices information as soon as the connection is established.
  • In this way, we unknowingly provide access to our data.

The extent of the threat of Juice Jacking:

Juice Jacking is a real threat, but it’s an incredibly complicated and imperfect way to attack someone. The threat of Juice Jacking involves:

  • The attacker gets easy access to hacked phones. This leads to data theft.
  • They can search the phones for Personally Identifiable Information (PII), account credentials, banking-related, credit card data, etc.
  • The attackers have the ability to copy all information to their own devices.
  • There are also many malicious apps that can clone all your phones’ data to another phone.
  • Malware is automatically installed in the connected device. The malware remains on the device until it is detected and removed by the user.
  • There are many categories of malware that cybercriminals can install through juice jacking, including adware, crypto miners, ransomware, spyware, or Trojans.

Measures to protect data from juice jacking:

  • The most important precaution that we should take in order to avoid juice jacking incidences is to keep our devices fully charged.
  • Alternatively, we can carry a power bank in our bag so as to avoid charging in public USB connections.
  • In case of emergency, we must completely lock our phone before using public charging stations.
  • Switch off or Power the phone down. This technique only works on a few mobile models as some phones, despite being powered down, still powers on the entire USB circuit and allows access to the flash storage in the device. Hence, this may not be an optimum solution always.
  • Use specialized cables. You can buy a special USB cable that doesn’t have pinout connections for pins 3 and 2. These cables are meant for charging only and prevents data from being transferred anywhere.
  • Use of USB condoms, which are adaptors that allows power transfers but do not connect the data transfer pins. You can attach them to your charging cable as “always-on” protection.

Conclusion:

The best defense against such cyber-attacks is awareness. We need to keep our devices charged, enable the security features provided by the operating system, and avoid plugging the phone into unknown charging stations and computers. The remedies to avoid juice jacking are easy and inexpensive. We must adopt the measures so as to keep our devices safe from such cyber-attack threats.

Click Here for Answer Writing Practice Archive

हिन्दी में उत्तर लेखन अभ्यास कार्यक्रम के लिए यहाँ क्लिक करें