iPhone Charging Cable Hijack is the Future of Cyber Threats
Security Awareness Campaigns – 2 min read December 6, 2019

iPhone Cable Chargers are Vulnerable to Cyber Threats

Every year, Las Vegas is host to one of the world’s largest conferences devoted to hacking — Def Con. The 2019 edition of the conference, Def Con 27, took place in August. Many of the events and talks held at Def Con are primarily of interest to hard-core geeks and cybersecurity experts, but one particular revelation from the 2019 convention should get everyone’s attention.

The issue involves an innocent-looking Apple Lightning cable, designed to connect Apple’s mobile devices to computers, monitors, and other devices. 

 

Few people look at cables as potential threats.

 

Plugging into Trouble

At Def Con 27, Mike Grover, a security researcher whose online name is MG, demonstrated that he could modify the Lightning cable to give him unauthorized remote access to a device. Grover implanted a Wi-Fi-enabled chip in the cable that allowed him to run commands on the computer to which it was connected. This modification would also allow transmission of malicious data.

The modified cable, called the O.MG (Offensive MG), would allow a hacker to lock a screen and gather passwords when the user logged in, as well as to run different commands and scripts. A phishing attack, or any number of other threats, could then be launched

 

Turning Malice to Good Purpose

Grover, who works for Verizon Media as a cybersecurity tester (a so-called red teamer), claims that the implant can be adapted to other USB cables, and points out that, at present, few people look at cables as potential threats. Grover also claims to have spent a good deal of his own money on this hack, and says he is pursuing its development. He believes that his modified cable can help push the discussion about new cyber threats forward. His goal is to have the O.MG marketed as a legitimate security device, although he has not specified what role it would play.

 

Are you worried about being hacked through malicious hardware? Get in touch with CITI. We can create a security awareness campaign for your whole team to make your entire organization less vulnerable to hackers.

 

 

Learn about your IT security. Register for a free cybersecurity consultation.  Book Now Considering moving to the cloud? Find out if the cloud is right for your  company.Book Now
Guide to Email Security from our Practice Safe Cyber Series Download Your Poster
Global Toronto and CreateTO City of Toronto Agencies Case Study
Learn about your IT security. Register for a free cybersecurity consultation.  Book Now
Guide to Ransomware Attacks in Canada
Considering moving to the cloud? Find out if the cloud is right for your  company.Book Now
New IT Infrastructure Transforms Organization. KCI Ketchum Canada
Engage our services and get 10 hours free. It's easy to work with CITI. Become  a client.Book Appointment

IT Insights from our Blog

Read more

We're here to help!

Moving to the Cloud
Cybersecurity

Is your management team asking about your IT security policies and practices? Are you worried about a cybersecurity breach? CITI’s comprehensive IT security services provide all the information your company needs to deal with current and future security situations and concerns. Learn about your IT security. Register for a free cybersecurity session.

Managed Services

There is another way to manage your IT that doesn’t require you call your IT firm. Managed IT services offer proactive care, support, monitoring and maintenance of your computer systems for a fixed monthly fee. Process-driven, less involvement, more predictable cost. Yes, Virginia, there is a way to keep your IT running smoothly that does not require you to make a call.

Pay-As-You-Go

Are you concerned about minimizing IT maintenance costs? Perhaps you’re techno savvy. Or maybe you only need an IT firm for complex IT situations. CITI can provide exactly the volume of IT services that you want and need from network troubleshooting to helping a user with a jammed printer. Our full range of services are available on a per incident basis.

Disaster Recovery

Is the stuff of your nightmares power outages? The only way to deal with a severe interruption to business operations is to plan for it. Beginning with a disaster recovery plan through implementing and maintaining failsafe, foolproof, rock-solid offsite backups, CITI has helped 100s of companies protect their most valuable asset—their data and systems.

IT Consulting

Uncertain if your company should move to the cloud? Do you have doubts about the best way to back up your data? Looking for ways to minimize your vulnerability to IT security breaches? Perhaps you’re looking for help with your annual IT budget. CITI’s IT advisory services help businesses make informed strategic and tactical decisions on information technology.

Call Us