BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Beware of Third-Party Accessories

The Dangers of Purchasing Third-Party Computer Accessories

Think all computer accessories and cables are safe? Think again! Learn how your next accessory purchase could expose your organization to hackers and threats.  

Changing Cables

Buying third-party accessories for computing devices can save money, but what if those purchases ended up being the cause of a cybersecurity attack and the exposure of your company’s sensitive data? New third-party charging cables that have come on the market could be your next data breach culprit if you’re not careful. According to a blog post written by NewQuest IT Solutions, modified versions of Apple’s Lightning cables could be used to gain unauthorized access to your organization’s devices. A hacker can use the wireless implant embedded in the cable to commit an intrusion simply by typing in the cable’s IP address.

How It Works

Since the third-party cable cannot be identified as counterfeit with the naked eye, it is easy for many to be fooled into believing it is legitimate. When you plug in the cable to charge or sync a device, a hacker can now access all the information on that device. The wireless implant inside the cable sends out signals equivalent to a Wi-Fi hotspot. By typing in the cable’s IP address, the hacker is able to pull up data from the device, install malware, send scripts and other commands. The hacker can accomplish all of this as long as he or she is within 300 ft of the cable’s wireless signal.

Devices at Risk

Any device that uses a third-party charging cable or accessory is at risk. That risk increases if multiple third-party accessories are plugged in or the supplier of the accessories could be considered suspect. Although the example highlighted by NewQuest IT Solutions is applicable to Apple devices, there are enough third-party cables and accessories for Windows-based devices that can make them far from risk-adverse. Smartphones, computers, tablets and older devices like the iPod that sync are all vulnerable.

What to Look For

To avoid buying counterfeit accessories and cables, double-check the packaging, the accessory and the supplier. Only purchase third-party accessories that are labeled as certified. Another way to avoid a potential cybersecurity threat is to only purchase from trusted and verified suppliers. Finally, consider switching to OEM versions whenever possible. Although the initial or per unit cost might be higher, it could save you and your organization a more expensive headache in the long run.

More Like This

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

Original release date: October 27, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of …

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky Read More »

Read More

Getting Started With Microsoft Teams?

Getting Started With Microsoft Teams? What drives workplace performance? A few years ago, a Stanford study published in the Journal of Experimental Social Psychology suggested that workplace performance was driven by collaboration. In fact, just the thought of collaboration was enough to improve performance. One interesting statistic: 64% of employees working collaboratively had higher success rates than …

Getting Started With Microsoft Teams? Read More »

Read More

AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

Original release date: October 22, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. …

AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems Read More »

Read More

AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

Original release date: October 22, 2020 Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA)—provides …

AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets Read More »

Read More

MFA Bug Opens Door For Hackers To Attack Microsoft 365

New and heightened digital threats develop every day, and having standard security software may not be enough to protect your personal data and business from exploitation from malware attacks. Businesses across industries are vulnerable to new attacks, as many security software lags behind. Hackers find ways to work around the most common security platforms to …

MFA Bug Opens Door For Hackers To Attack Microsoft 365 Read More »

Read More

What Is The Dark Web?

What Is The Dark Web? Are your company’s data and network secure? Solidly secure? Or, are you worried you may have been hacked, putting sensitive data at risk? You may be wondering about the latter if you’re looking up information on the dark web and how it may impact your business. Because, indeed, if you …

What Is The Dark Web? Read More »

Read More