Electronic scooters have been found to have multiple security risks, according to research and analysis from Which? and NCC Group, an IT security firm.
Electronic scooters have risen in popularity, prompting discussions on traffic safety and the cybersecurity of the vehicles. Users can rent electronic scooters and pay per use via mobile applications.
After assessing nine brands of electronic scooter, the firms identified six security risks that can put users and communities in danger.
- Exceeding speed limit: One-third of the electronic scooter brands were able to exceed the legal speed limit for the vehicles.
- Lock hacking: Electronic scooter users access scooters via mobile applications. Some of these applications were found to have vulnerabilities that allowed hackers to remotely lock scooters while at high speeds, potentially endangering the rider.
- Outdated application code: Five of the analyzed brands utilized apps with outdated code, creating cybersecurity flaws.
- Data encryption: None of the electronic scooter brands encrypted user information securely, according to the research. Data including login times and ride information was accessible to hackers.
- Accessible serial wire debug (SWD) port: One scooter brand came equipped with an exposed SWD port on the vehicle, which could allow hackers to bypass security measures.
- Sideloading: One brand did not release a mobile app via a reputable app store, which opens users who download the application up to cybersecurity risks.
For further information on electronic scooter risk mitigation strategies, click here.