Joe Biden’s Peloton bike may pose a cybersecurity risk, experts warn

US leader’s fitness regime could possibly cause unexpected headache for security services

Joe Biden's fitness regime may potentially cause an unexpected headache for security services charged with keeping the new US president safe in the White House, with his Peloton exercise bike viewed by some as a potential cybersecurity risk.

At home in Wilmington, Delaware, Mr Biden is reported to start each day with a workout in a gym equipped with weights, treadmill, and the Peloton bike. Peloton combines a stationary exercise bike with an interactive tablet that allows the rider to take part in group training sessions remotely. Already gaining traction before the coronavirus pandemic, Covid-19 restrictions have led to a surge in the product’s popularity among those unable to get to their regular gym.

However, as well as watching an instructor, participants in the sessions are also on view – meaning Mr Biden’s tablet comes equipped with a webcam and a microphone, which would be located in a sensitive area of the White House.

Popular Mechanics magazine spoke to cybersecurity expert Max Kilger of the University of Texas about the risk. He said: "Because you're connected to the internet, even though there are firewalls and intrusion detection software . . . those things can be gotten around if you're really good and skilled. If you really want that Peloton to be secure, you yank out the camera, you yank out the microphone, and you yank out the networking equipment . . . and you basically have a boring bike. You lose the shiny object and the attractiveness."


Specially modified

It is not the first time the issue has been raised. A 2017 review revealed that former US first lady Michelle Obama had been supplied with a specially modified Peloton that came without a camera or microphone.

The problem for Mr Biden is not insoluble, and White House security experts have to adapt to changing technology all the time, although the issue may be particularly sensitive at the moment given the recent cyberattack on US federal agencies. At least six government departments were breached in a likely Russian intelligence operation thought to have begun in March.

Garrett Graff, the director of the cybersecurity initiative at the Aspen Institute, told the New York Times: "The threat is real, but it is presumably a manageable risk given enough thought and preparation." – Guardian