01924 241 281 hello@biscuit.uk.com

What are Malicious Cables?

Businesses are becoming increasingly aware of the cyber-security threats that their operations face. Cyber-criminals got creative during lockdown. They turned their attention away from taking down business operations with sophisticated hacks. Instead they now look to trick individual members of staff into giving away valuable passwords and data.

This often occurs online, but recently it’s taken an even more sinister turn. Hackers know that businesses are now moving towards more flexible working practices. There is an increasingly blurred line between what is a work and personal device. This leads to the creation of technology like malicious cables.

What are malicious cables?

They generally look exactly like the cables we use every day. They replicate the look of charging cables for our laptops, Macs, smartphones and accessories for these devices. When pictured side by side it’s practically impossible to tell the difference.

Can you tell the difference between the normal and malicious cable?

The cables work by creating their own WiFi hotspot once they have been connected to your device. From here, a hacker can simply connect to the hotspot and start causing havoc. Their initial function was to allow hackers to start recording every keystroke that their victim makes.

At surface level this feature doesn’t sound especially useful unless you’re in Mission Impossible. It’s worth remembering though that the first two things you type in when you start up your devices are usually your username and password.

The most recent development is that the creator of these cables has now adapted the manufacturing process to be able to replicate a USB-C to Lightning Cable, meaning they can be used on Apple devices and accessories. These cables reportedly have a usable range of one mile. Meaning whoever is hacking your device may be nowhere near you.

Recording keystrokes isn’t the only functionality of malicious cables. These new services can also upload ‘payloads’ that can damage devices. Naturally these payloads can be disastrous to any device they target, but without oversight from the hacker they can potentially damage any device that connects to the cable.

How could this affect your business?

With the rise of Bring Your Own Device policies in the workplace, forms of attack like malicious cables are likely to become more widespread. We store more work data on our personal devices than ever before, including financial data, customer information or even just private emails. Devices like malicious cables, and more traditional phishing techniques can massively put your business at risk.

It doesn’t even have to be targeted. We mentioned earlier that if one of these devices is left in a public place that it had the potential to leave payloads on any device that connected to it. This means your business doesn’t even have to be the intended target for any attack.

We mentioned previously that attacks like this are becoming targeted less at huge corporations, and more towards SMEs. Cyber criminals make the assumption that smaller teams, such as those in the education and manufacturing sectors, have less technical knowledge and are easy pickings.

It’s important that you and your team understand the risks that cyber-attacks pose and the best practices to follow.

What you can do

There are steps you can take to avoid cyber-security threats while still accessing the benefits of flexible working.

Taking care when working remotely can help you to avoid a huge range of different issues. We say this often at Biscuit but do try and avoid using public WiFi where possible. If any compromised devices are connected to these networks, then any malware they are infected with could potentially spread to your device as well.

With the emergence of these malicious cables, you should also be careful around any chargers that are offered in public working spaces. We know these work hubs are becoming increasingly common, but you still need to take the same level of care.

Passwords are also something you should look out for. Although devices like malicious cables can trace keystrokes, if you use a password management service you can generally bypass having to enter a password at all.

How Biscuit can help

If you’re seeing this new range of cyber threats and have concerns for your business, it’s understandable. We’re facing an unprecedented threat from cyber criminals. At Biscuit we’re here to help. It’s no exaggeration to say that we can do it all.

Get in touch and we’ll provide a free cyber-security consultation. From here we can install and maintain firewalls, put spam filters in place for your emails and monitor against the latest threats. We’ll flag any potential issues with your systems and have them fixed within minutes.

We’d love to get in touch, our process involves working alongside businesses to see the services that they actually need and adjusting our service accordingly. You can get in contact with our team at 01924 241 281.