Critical vulnerabilities in the technology behind at least one model from Segway/Ninebot's range of electric scooters could be exploited to give hackers "full control" over the device and send riders tumbling to the ground, according to experts from security firm IOActive.
A team of researchers at the US-headquartered company this week (19 July) disclosed a series of critical security flaws in Segway's miniPRO scooter which, if exploited, could be used to disrupt the device's settings, speed, direction of movement and internal motor.
Ninebot, which purchased Segway Inc. back in 2015, sells the miniPRO line of self-balancing motorised scooters as a futuristic form of transportation. It's a hands-free device designed to traverse both indoor and outdoor terrains, according to its website.
A Ninebot smartphone app is used to control a slew of the scooter's custom features. These include: adjusting light colours, modifying safety features, setting anti-theft alarms, running vehicle diagnostics, and even remotely commanding the miniPRO to move.
But over the past eight months, IOActive embedded devices security consultant Thomas Kilbride tested the miniPRO-related mobile application, firmware images, and other software to identify the series of flaws.
The firm has now released a technical advisory exposing the issues in detail.
The analysis shows how Kilbride was able to perform firmware updates on the scooter's control system without authentication, which leaves the device open to further hacks. In the worst-case scenario, he could force a scooter travelling at full speed to stop abruptly.
A malicious hacker exploiting the bugs, the IOActive expert explained, could inject malware-ridden firmware updates and remotely send dangerous code. Worryingly, the flaws could also reportedly allow real-time device tracking and the circumvention of critical safety systems.
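The unauthenticated firmware update is the root of the problem described above. As an added illustration (not IOActive's code, and not Ninebot's real image format, which is not on this page), the following Go example shows the gate a controller should apply before flashing: a constructed image layout with a magic tag and version field, an Ed25519 signature over the whole image checked against the vendor's public key, and a rollback check so an older signed image cannot be re-flashed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed image layout (an assumption for this example, not a real format):
// 4-byte magic "NBFW" | 4-byte big-endian version | payload.
var magic = []byte("NBFW")

// BuildSignedImage assembles an image and signs the entire image with the vendor key.
func BuildSignedImage(priv ed25519.PrivateKey, version uint32, payload []byte) ([]byte, []byte) {
	hdr := make([]byte, 4)
	binary.BigEndian.PutUint32(hdr, version)
	img := append(append(append([]byte{}, magic...), hdr...), payload...)
	return img, ed25519.Sign(priv, img)
}

// VerifyUpdate accepts an image only if it is well-formed, carries a valid
// vendor signature, and is newer than the installed version (no rollback).
func VerifyUpdate(pub ed25519.PublicKey, img, sig []byte, installed uint32) (uint32, error) {
	if len(img) < 8 || !bytes.Equal(img[:4], magic) {
		return 0, errors.New("malformed image header")
	}
	// Verify before trusting any field: the version is covered by the signature too.
	if !ed25519.Verify(pub, img, sig) {
		return 0, errors.New("signature verification failed")
	}
	version := binary.BigEndian.Uint32(img[4:8])
	if version <= installed {
		return 0, fmt.Errorf("rollback refused: image v%d, installed v%d", version, installed)
	}
	return version, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the vendor's key pair
	img, sig := BuildSignedImage(priv, 2, []byte("constructed payload"))
	v, err := VerifyUpdate(pub, img, sig, 1)
	fmt.Println("genuine v2 over v1:", v, err)
	tampered := append([]byte{}, img...)
	tampered[len(tampered)-1] ^= 0x01 // flip one payload bit
	_, err = VerifyUpdate(pub, tampered, sig, 1)
	fmt.Println("tampered image:", err)
	_, err = VerifyUpdate(pub, img, sig, 2)
	fmt.Println("same version re-flash:", err)
}
```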
"Found, tracked and hijacked"
"FTC regulations do require scooters to meet certain mechanical and electrical specifications to help avoid battery fires and various mechanical failures," said Kilbride.
"However, there are currently no regulations centred on firmware integrity and validation, despite being integral to the safety of the system. As my research indicates, this lack of regulation could lead to a number of dangerous situations."
"Using reverse engineering [...] I was able to discover a number of worrisome security threats.
"I determined that riders in the area were indexed using their smartphone's GPS. Therefore, each rider's location was publicly available, so the hoverboards could be found, tracked, hijacked, and controlled without the rider's knowledge."
IOActive initially contacted Segway/Ninebot via email to report the security issues on 24 December last year, finally getting a response on 4 January 2017. In April, the vendor released an updated application and resolved all remaining bugs by the end of the same month.
The security firm is perhaps best known for its experiments on the Jeep Cherokee. The latest findings back up the assertion that everything can be hacked, no matter how unlikely it may seem. Segway hacking may not be common, but it has the potential to cause real injury.