According to a Popular Mechanics report, President Joe Biden is going to move to the White House and likely he will have to give up his Peloton exercise equipment for security reasons.
Peloton exercise equipment’s popularity surged during the pandemic, it allows users to do gymnastic exercise from home, interacting with each other within an online community.
Peloton devices are connected online and are equipped with a camera and microphone that give the users an immersive experience and communications capabilities. On the other side, these features pose a potential risk to the user in case of a hack, and President Joe Biden is a privileged target.
To secure the exercise equipment, Biden’s Peloton may have to be modified, removing the microphone, camera and networking equipment.
“If you really want that Peloton to be secure, you yank out the camera, you yank out the microphone, and you yank out the networking equipment … and you basically have a boring bike,” Max Kilger, Ph.D., director of the Data Analytics Program and Associate Professor in Practice at the University of Texas at San Antonio, told Popular Mechanics. “You lose the shiny object and the attractiveness.”
The case has an important precedent, three years ago The Verge revealed that a person close to the company confirmed that Michelle Obama had a Peloton, but it was a modified model, without a camera or microphone.
Peloton runs a custom operating system built on top of Android’s own system and is equipped with networking equipment to access the user’s home WiFi network or a hard-wired connection, like Ethernet.
“That allows the bike to communicate with your Apple Watch or Fitbit, which are internet-of-things (IoT) devices that contain microphones. If a hacker found a way to infect Biden’s Peloton, then it’s theoretically possible they could hop from the bike to the watch and vice versa,” Kilger added.
Several hacking communities online focus on IoT devices, including the Peloton equipment. The risk is that someone could find a way to compromise the equipment with malware, then move laterally within the host network and compromise any other connected device.
The report pointed out that Secret Service can take precautions to secure the gym sessions of the President. They could set up the bike in a special gym area where it is not allowed to discuss classified topics. Another countermeasure is to use a hardwired connection for the President’s Peloton equipment that’s separate from the rest of the White House network.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Peloton)