IBM Security Global Managing Partner Charles Henderson spoke to Forbes about how even charging cables can be used to compromise your phone.
“Being careful about what you plug into your devices is just good tech hygiene,” Henderson explained, likening it to any other sensitive travel item. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”
Henderson is also head of IBM’s X-Force Red, self-described as an “autonomous team of veteran hackers, within IBM Security, hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain.”
Products like the “O.MG” cable offer anyone the capability to control someone’s device at paltry expense. Fortunately, this technology has not yet saturated the market. For the time being, mass anonymous attacks using such devices are not an immediate threat. “This kind of attack doesn’t scale real well, so if you saw it, it would be a very targeted attack,” Henderson said.
Still, Henderson warned, “just because we haven’t yet seen a widespread attack doesn’t mean we won’t see it, because it certainly does work.” In the end, the best way to stay safe is to treat connections like underwear — and make sure you are not using any that someone else has soiled.