A new study from the University of Texas at San Antonio (UTSA) has discovered a number of potential security risks associated with the boom of e-scooters.
Researchers from UTSA found that there were significant data and security issues associated with the booming use of e-scooters. The study initially focused on safety problems that e-scooters pose to pedestrians.
With the financial support from tech companies, e-scooters have rapidly grown in numbers at major cities around the world as they offer a green solution to inner-city travel. However, it has resulted to backlash that forced some cities to ban them and implement strict licensing for a limited number of providers.
Aside from the danger they pose to pedestrians, e-scooters have been seen strewn over pavements and public areas once users have completed their journey or they run out of power.
Lead researcher Murtuza Jadliwala, an assistant professor in UTSA’s Department of Computer Science, said: “We were already investigating the risks posed by these micromobility vehicles to pedestrians’ safety. During that study, we also realized that besides significant safety concerns, this new transportation paradigm brings forth new cybersecurity and privacy risks as well."
Jadliwala mentioned: “We’ve identified and outlined a variety of weak points or attack surfaces in the current ride-sharing, or micromobility, ecosystem that could potentially be exploited by malicious adversaries right from inferring the riders’ private data to causing economic losses to service providers and remotely controlling the vehicles’ behavior and operation.”
The researchers pointed out that some e-scooter models communicate with the user’s smartphone via a Bluetooth Low Energy channel, which may potentially be hacked using readily available hardware like Ubertooth and software tools such as WireShark.
This will enable hackers to eavesdrop on communications between e-scooters and phones, tapping into data including a user’s preferred route, personal interests, and home and work locations. They may also lead the riders to their chosen location by sending false GPS directions.
