Published: Nov. 15th, 2019
The so-called ‘mobility sharing’ has become routine, with the control of power-kickboards and vehicles on mobile phones.
In order to use these services, you need to provide sensitive personal information, such as credit card numbers, to your business, so is there any risk of hacking?
Sohn Seo-young experimented.
Electric kickboards that are seen all over the street as the number of users has increased recently.
Locate the kickboard at the location shown on the GPS-based app.
The QR code will start the drive.
Due to location management and payment, connecting the mobile phone to Bluetooth is mandatory.
How about security?
We did experiments with experts.
This is a so-called ‘man-in-the-middle attack’ that breaks into the network between users and businesses connected by wireless.
You can intercept encrypted and exchanged IDs and passwords.
This means that hackers can log in as if they are other users, then use the kickboard and even pay for it.
You can also collect personal information.
[Jung Hyun-chul/CEO Norma: “Protocols such as Wi-Fi and Bluetooth are at risk because authentication and encryption steps are not clearly established.”]
Shared vehicles will also be affected.
We’ve also been attacking Wi-Fi connected to cell phones.
You can view your mail and search in real time, and you can also see the navigation path.
If the shared mobility service is expanded, such as autonomous driving, it is feared that the hacking will cause damage to the operation of the vehicle.
[Professor Kim Kwang-jo/Kaist of Computer Science: “We should consider sufficient security structures in advance, taking the security lightly and considering the possibility of crippling the system by malicious users once we enter the market.”
The government is also working on measures to enhance wireless security, but it is only at the level of prevention and recommendation of operators.