High-end bicycles used in prominent road races like the Tour de France are increasingly susceptible to cybersecurity threats targeting their wireless gear-shifting systems.
In recent years, bicycle manufacturers have embraced wireless gear-shifting technology to give riders more precise control when changing gears, avoiding the physical limitations of mechanical systems. However, this shift has introduced significant cybersecurity vulnerabilities, as discovered by a team of computer scientists from the University of California San Diego and Northeastern University.
“Security flaws in wireless gear-shifting systems can severely affect rider safety and performance, especially in professional races,” the researchers stated. “These vulnerabilities could be exploited by attackers to gain an unfair advantage, potentially causing crashes or injuries by manipulating gear shifts or jamming the shifting mechanism.”
The team is now collaborating with Shimano, a leading bicycle component manufacturer, to address these vulnerabilities. Shimano was chosen due to its dominant market share in wireless gear shifters.
The gear-shifting system operates by using wireless connections between the rider-controlled shifters and the derailleur, which moves the bike’s chain between gears. The researchers identified three key vulnerabilities within this system:
1. Attackers can record and replay gear-shifting commands, taking control of the bike’s gear shifting without having to authenticate with cryptographic keys. The research team demonstrated these attacks from up to 10 meters away using readily available devices called software-defined radios, with no amplifier required. Recorded data could be reused as long as the bike components remain paired.
2. Attackers can also easily disable or jam the gear shifting on a specific bike without affecting nearby systems, posing significant risks to riders.
3. The communication protocol used by the wireless system, ANT+, leaks information, enabling attackers to monitor the target’s actions in real-time.
“The history of professional cycling’s challenges with illegal performance-enhancing drugs highlights the attractiveness of such undetectable attacks, which could similarly undermine the sport’s integrity,” the researchers noted. “Given these risks, it is crucial to approach this technology from an adversary’s perspective and ensure it can withstand sophisticated attacks in the highly competitive environment of professional cycling.”
The researchers have developed several countermeasures to prevent replay attacks, mitigate targeted jamming, and stop information leaks. Shimano has already implemented some of these solutions, with a broader update set to be released soon.
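The sketch below is an added illustration of how a receiver can reject recorded commands in general; it is not code from the researchers or from Shimano, whose countermeasures this article does not detail. The frame layout, the `Derailleur` class, the command values and the pairing key are all assumptions made up for the example.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8      # truncated MAC length in bytes (assumed)
UP, DOWN = 1, 2  # hypothetical command codes

def make_frame(key: bytes, counter: int, command: int) -> bytes:
    """Shifter side: 4-byte counter + 1-byte command + truncated HMAC-SHA256."""
    body = struct.pack(">IB", counter, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Derailleur:
    """Receiver side: applies a command only if it is authentic and fresh."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0  # real hardware must persist this across power cycles
        self.applied = []      # commands that were actually executed

    def receive(self, frame: bytes) -> str:
        if len(frame) != 5 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:5], frame[5:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: bad tag"
        counter, command = struct.unpack(">IB", body)
        if counter <= self.last_counter:  # seen before: a recorded frame played back
            return "rejected: replay"
        self.last_counter = counter
        self.applied.append(command)
        return "accepted"

def demo():
    key = bytes(range(16))  # constructed pairing key, for illustration only
    rx = Derailleur(key)
    f1 = make_frame(key, 1, UP)
    f2 = make_frame(key, 2, DOWN)
    # Counter bumped without knowing the key: the old tag no longer matches.
    forged = struct.pack(">IB", 3, DOWN) + f2[5:]
    return [rx.receive(f) for f in (f1, f2, f1, forged)]

if __name__ == "__main__":
    print(demo())
```

A counter check of this kind addresses only replay; it does nothing against jamming or against the traffic leakage described in the third finding.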
- Press release – University of California – San Diego