Computer science experts from UTSA have conducted a study on the cybersecurity risks behind micromobility vehicles, also known as e-scooters.
Hackers are a threat to e-scooter companies and their users. With cheap and easily accessible hardware and software tools, hackers can eavesdrop on users and even spoof GPS systems to direct riders to a different location. They can also hurt e-scooter vendors with denial of service attacks and data leaks.
In the study, the team outlines a variety of weak points or attack surfaces in the current ridesharing ecosystem. Some e-scooter models communicate with the rider’s smartphone over a Bluetooth low energy channel. A hacker could eavesdrop on these wireless channels and listen to data exchanges between the scooter and the smartphone.
People who use e-scooters are offering up more than just their billing information. E-scooter providers automatically collect other analytics, like location and individual vehicle information. A hacker could piece this data together to create a complete profile on a person, including preferred route, personal interests and home or work locations.
The researchers say that ridesharing companies need to protect customers and themselves from cybersecurity and privacy threats. This was the first review of the security and privacy risks posed by e-scooters and related software and applications.
E-scooters are a rising trend in many cities. San Antonio, Washington D.C., Austin, Denver, Portland and San Francisco are just a few U.S. cities that have added e-scooters to their city streets. According to the researchers, there are 12,000 scooters on the road in San Antonio alone. Micromobility vehicles are helping people get around without having to sit in congested car traffic.