President Biden's fitness regime may be derailed by cyber security concerns, as reports indicate his Peloton bike could be a risk.
According to a Popular Mechanics report, Max Kilger, director of the data analytics program and associate professor in practice at the University of Texas at San Antonio, said spies could use the bike’s microphone and camera to eavesdrop on confidential discussions.
"Because you're connected to the internet, even though there are firewalls and intrusion detection software ... those things can be gotten around if you’re really good and skilled,” he said. "If you really want that Peloton to be secure, you yank out the camera, you yank out the microphone, and you yank out the networking equipment ... and you basically have a boring bike.”
Garrett Graff, director of the cyber security initiative at the Aspen Institute, told the New York Times: “The threat is real, but it is presumably a manageable risk given enough thought and preparation.”
RELATED RESOURCE
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisation
Tim Mackey, principal security strategist at the Synopsys CyRC (Cybersecurity Research Centre), told IT Pro we should assume all IoT devices have hardware that allows them to access information beyond their function.
“That might be a microphone that the designers added in anticipation of a future feature, logging of Bluetooth targets for possible pairing, or interactions with third-party services,” he said.
According to Mackey, while this isn’t an overarching threat for most home users, IoT devices deployed in sensitive areas, like the White House or Congressional residences, should be inspected for any latent hardware and undergo a firmware analysis.
“This can help to determine whether it has any unpatched security issues, but also to determine if it has any embedded phone home mechanisms or interacts with third-party APIs in an undisclosed manner," Mackey said.
"Since many IoT devices have some form of over the air (OTA) update mechanism for their firmware, understanding the conditions under which that update occurs, what data is sent with a request, and what the updated firmware’s security risks might be are all part of operating any network containing IoT devices.
"Such risks only increase when there are high-profile users of the IoT device where the user might be a target for a well-funded attacker."
-
Meta is building the world’s longest subsea cable: Project Waterworth will span 50,000 km and connect five continents – and it aims to boost global connectivity and AI servicesNews Meta has announced plans to build the world's longest subsea cable in a bid to supercharge global connectivity and drive AI innovation.
-
Stargate project: OpenAI, Oracle pledge support for $500 billion AI infrastructure driveNews US President Donald Trump has unveiled the launch of the $500 billion Stargate Project to expand US AI infrastructure in collaboration with OpenAI, Oracle, and SoftBank.
-
FCC to consider huge update to minimum broadband speedNews A new required speed of 100 Mbits/sec down would give consumers and small businesses a boost, but could raise prices
-
US telcos request $5.6 billion to rip out Huawei, ZTE equipmentNews The FCC says it has received 181 applications from small carriers to access its funding
-
HPE inks $2 billion high-performance computing deal with the NSANews HPE will provide scalable on-premises computing to the NSA using Greenlake
-
US Air Force taps Novetta for base defense operationsNews Novetta’s defense solution connects disparate data sources to improve situational awareness
-
Biden plans to connect every American to broadbandNews Infrastructure plan includes $100 billion to expand access to high-speed internet
-
White House launches official investigation into use of personal email accountsNews Senate Intelligence Committee rebukes Kushner for omitting private account
