Hacked electric skateboards could send riders flying

Two security researchers recently showed how electric skateboards can be hacked--and how riders could get seriously injured in the process.

Skateboarding can be a fun way to get around town, and electric skateboards make commuting via skateboard a more viable option for many. But as a recent Wired article reminds us, electric skateboards are effectively computers on wheels, and unless they're properly secured, they too can be vulnerable to hacking.

According to Wired, security researchers Richo Healy and Mike Ryan hacked a motorized longboard-style skateboard from Boosted to control it remotely from a nearby laptop. Their exploit, which they fittingly named FacePlant, takes advantage of the unsecured Bluetooth connection between the board and the remote control you use as you ride.

With FacePlant, Healy and Ryan interrupt the unencrypted Bluetooth connection between the remote and the board. As a result, they are able to commandeer the board and cause it to abruptly roll backwards. As a result, the rider gets thrown off the board and, you know, faceplants.

Healy and Ryan tell Wired that the board slows briefly before it begins to roll backwards, so if you're alert enough, you can prepare yourself. But if not, you'll likely end up eating asphalt.

According to Wired, the researchers reported this issue to Boosted back in September of last year, but the company has yet to address the flaw. Healy and Ryan say that other electric skateboards--and electric bikes--may be vulnerable to other flaws.

Head on over to Wired for the full skinny on the Healy and Ryan's hack, and to see a video of the hack in action. It might be enough to make you stick to pushing around the old-fashioned way.

At the moment, you probably don't need to worry too much about mischief-makers hacking into your electric skateboard as you cruise down the street, but Healy and Ryan's work serves as another reminder that transportation tech companies need to take security more seriously before someone gets hurt.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityCondé Nast

More about

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Nick Mediati

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place