The FBI has warned against the use of public charging points for electronic devices, saying they can be a gateway for cyber criminals.
Public charging stations heightens the risk of bad actors installing malware and gaining access to devices, the top US law enforcement agency's Denver department said on Twitter.
“Avoid using free charging stations in airports, hotels or shopping centres. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software on to devices,” the FBI said.
“Carry your own charger and USB cord and use an electrical outlet instead.”
Charging stations have become ubiquitous in public spaces, including malls, hotels, restaurants and parks, providing users a convenient way to power up their devices.
However, the practice has paved the way for what is called “juice jacking”, which simply means using a USB connection to compromise a device.
Aside from bringing personal charging equipment, it is also advised to plan ahead and charge devices before stepping out to prevent any cyber risk that may result from using public charging points.
WHAT%20IS%20'JUICE%20JACKING'%3F
%3Cp%3E%E2%80%A2%20Juice%20jacking%2C%20in%20the%20simplest%20terms%2C%20is%20using%20a%20rogue%20USB%20cable%20to%20access%20a%20device%20and%20compromise%20its%20contents%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20exploit%20is%20taken%20advantage%20of%20by%20the%20fact%20that%20the%20data%20stream%20and%20power%20supply%20pass%20through%20the%20same%20cable.%20The%20most%20common%20example%20is%20connecting%20a%20smartphone%20to%20a%20PC%20to%20both%20transfer%20data%20and%20charge%20the%20former%20at%20the%20same%20time%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20term%20was%20first%20coined%20in%202011%20after%20researchers%20created%20a%20compromised%20charging%20kiosk%20to%20bring%20awareness%20to%20the%20exploit%3B%20when%20users%20plugged%20in%20their%20devices%2C%20they%20received%20a%20security%20warning%20and%20discovered%20that%20their%20phones%20had%20paired%20to%20the%20kiosk%2C%20according%20to%20US%20cybersecurity%20company%20Norton%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20While%20juice%20jacking%20is%20a%20real%20threat%2C%20there%20have%20been%20no%20known%20widespread%20instances.%20Apple%20and%20Google%20have%20also%20added%20security%20layers%20to%20prevent%20this%20on%20the%20iOS%20and%20Android%20devices%2C%20respectively%3C%2Fp%3E%0A
Malware — a programme typically designed to disrupt or gain unauthorised access into a system — constitutes one of the biggest threats in the IT industry.
It is part of the wider cyber crime sector projected to cause global financial damage of about $10.5 trillion by 2025, according to data from Cybersecurity Ventures.
Globally, about 5.5 billion malware attacks took place in 2022, an increase of 2 per cent from 2021 and nearly half the 10.5 billion peak recorded in 2018, data from Statista shows.
Cyber attacks can cause reputational and financial damage to users. The global average cost for a data breach in 2022 was $4.35 million, up from $4.24 million the previous year, according to the latest edition of IBM's Cost of a Data Breach report.
The FBI has similar guidance on its website, covering a variety of topics on internet safety, including warning against conducting sensitive transactions on a public Wi-Fi network.
“Every day tasks — opening an email attachment, following a link in a text message, making an online purchase — can open you up to online criminals who want to harm your systems or steal from you,” the FBI said.
“Preventing internet-enabled crimes and cyber intrusions requires each of us to be aware and on guard.”
It is not clear if the FBI warning is prompted by any specific case, but US authorities have warned about “juice jacking” in the past.
Most recently, the Federal Communications Commission also warned that cyber criminals can gain access to online accounts and even sell them in the dark web through “juice jacking”.
“Cyber security experts have warned that criminals can load malware on to public USB charging stations to maliciously access electronic devices while they are being charged,” the FCC said.
“Malware installed through a dirty USB port can lock a device or export personal data and passwords directly to the perpetrator.”
The Los Angeles County District Attorney’s Office in November 2019 had also cautioned travellers about USB charger scams.
Another way to earn air miles
In addition to the Emirates and Etihad programmes, there is the Air Miles Middle East card, which offers members the ability to choose any airline, has no black-out dates and no restrictions on seat availability. Air Miles is linked up to HSBC credit cards and can also be earned through retail partners such as Spinneys, Sharaf DG and The Toy Store.
An Emirates Dubai-London round-trip ticket costs 180,000 miles on the Air Miles website. But customers earn these ‘miles’ at a much faster rate than airline miles. Adidas offers two air miles per Dh1 spent. Air Miles has partnerships with websites as well, so booking.com and agoda.com offer three miles per Dh1 spent.
“If you use your HSBC credit card when shopping at our partners, you are able to earn Air Miles twice which will mean you can get that flight reward faster and for less spend,” says Paul Lacey, the managing director for Europe, Middle East and India for Aimia, which owns and operates Air Miles Middle East.
Emergency
Director: Kangana Ranaut
Stars: Kangana Ranaut, Anupam Kher, Shreyas Talpade, Milind Soman, Mahima Chaudhry
Rating: 2/5
DSC Eagles 23 Dubai Hurricanes 36
Eagles
Tries: Bright, O’Driscoll
Cons: Carey 2
Pens: Carey 3
Hurricanes
Tries: Knight 2, Lewis, Finck, Powell, Perry
Cons: Powell 3
Mercer, the investment consulting arm of US services company Marsh & McLennan, expects its wealth division to at least double its assets under management (AUM) in the Middle East as wealth in the region continues to grow despite economic headwinds, a company official said.
Mercer Wealth, which globally has $160 billion in AUM, plans to boost its AUM in the region to $2-$3bn in the next 2-3 years from the present $1bn, said Yasir AbuShaban, a Dubai-based principal with Mercer Wealth.
“Within the next two to three years, we are looking at reaching $2 to $3 billion as a conservative estimate and we do see an opportunity to do so,” said Mr AbuShaban.
Mercer does not directly make investments, but allocates clients’ money they have discretion to, to professional asset managers. They also provide advice to clients.
“We have buying power. We can negotiate on their (client’s) behalf with asset managers to provide them lower fees than they otherwise would have to get on their own,” he added.
Mercer Wealth’s clients include sovereign wealth funds, family offices, and insurance companies among others.
From its office in Dubai, Mercer also looks after Africa, India and Turkey, where they also see opportunity for growth.
Wealth creation in Middle East and Africa (MEA) grew 8.5 per cent to $8.1 trillion last year from $7.5tn in 2015, higher than last year’s global average of 6 per cent and the second-highest growth in a region after Asia-Pacific which grew 9.9 per cent, according to consultancy Boston Consulting Group (BCG). In the region, where wealth grew just 1.9 per cent in 2015 compared with 2014, a pickup in oil prices has helped in wealth generation.
BCG is forecasting MEA wealth will rise to $12tn by 2021, growing at an annual average of 8 per cent.
Drivers of wealth generation in the region will be split evenly between new wealth creation and growth of performance of existing assets, according to BCG.
Another general trend in the region is clients’ looking for a comprehensive approach to investing, according to Mr AbuShaban.
“Institutional investors or some of the families are seeing a slowdown in the available capital they have to invest and in that sense they are looking at optimizing the way they manage their portfolios and making sure they are not investing haphazardly and different parts of their investment are working together,” said Mr AbuShaban.
Some clients also have a higher appetite for risk, given the low interest-rate environment that does not provide enough yield for some institutional investors. These clients are keen to invest in illiquid assets, such as private equity and infrastructure.
“What we have seen is a desire for higher returns in what has been a low-return environment specifically in various fixed income or bonds,” he said.
“In this environment, we have seen a de facto increase in the risk that clients are taking in things like illiquid investments, private equity investments, infrastructure and private debt, those kind of investments were higher illiquidity results in incrementally higher returns.”
The Abu Dhabi Investment Authority, one of the largest sovereign wealth funds, said in its 2016 report that has gradually increased its exposure in direct private equity and private credit transactions, mainly in Asian markets and especially in China and India. The authority’s private equity department focused on structured equities owing to “their defensive characteristics.”
WHAT%20IS%20'JUICE%20JACKING'%3F
%3Cp%3E%E2%80%A2%20Juice%20jacking%2C%20in%20the%20simplest%20terms%2C%20is%20using%20a%20rogue%20USB%20cable%20to%20access%20a%20device%20and%20compromise%20its%20contents%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20exploit%20is%20taken%20advantage%20of%20by%20the%20fact%20that%20the%20data%20stream%20and%20power%20supply%20pass%20through%20the%20same%20cable.%20The%20most%20common%20example%20is%20connecting%20a%20smartphone%20to%20a%20PC%20to%20both%20transfer%20data%20and%20charge%20the%20former%20at%20the%20same%20time%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20term%20was%20first%20coined%20in%202011%20after%20researchers%20created%20a%20compromised%20charging%20kiosk%20to%20bring%20awareness%20to%20the%20exploit%3B%20when%20users%20plugged%20in%20their%20devices%2C%20they%20received%20a%20security%20warning%20and%20discovered%20that%20their%20phones%20had%20paired%20to%20the%20kiosk%2C%20according%20to%20US%20cybersecurity%20company%20Norton%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20While%20juice%20jacking%20is%20a%20real%20threat%2C%20there%20have%20been%20no%20known%20widespread%20instances.%20Apple%20and%20Google%20have%20also%20added%20security%20layers%20to%20prevent%20this%20on%20the%20iOS%20and%20Android%20devices%2C%20respectively%3C%2Fp%3E%0A
