Search
Close this search box.
Sign up for our weekly Newsletter

Could electric vehicles present a cybersecurity risk?

Business Motoring

car

Share

29 March 2022

Small business owners are adding EVs to their service fleets but connecting them to the public charging stations is raising concerns, according to an HSB report

As the shift towards automated electric vehicles accelerates, protecting the security of these vehicles has quickly become a top-of-mind priority and with a good reason. A recent poll found that 15% of small and medium-sized businesses had purchased or leased EVs for commercial use.

76% of those business owners and managers are knee-deep in doubts regarding the cybersecurity of their service fleets as electric vehicle charging stations could be a target for ransomware, hackers, and other cyber-attacks.

Cybersecurity Considerations for EV Chargers

Amid nationwide efforts to increase the number of electric cars in the U.S, a new potential vulnerability has emerged: electric vehicle charging stations.

At least 39% of EV sector professionals noted security as a critical vulnerability on the adoption of IoT–based EV infrastructure. With more EV charging stations being planned and constructed day by day across the state, an uptick in connected devices puts the energy sector at cybersecurity risks.

Experts say the EV charging infrastructure is as vulnerable to this kind of threat as any other connected device. Still, the intricacy and rapid evolution of technology and connected devices put this technology at great risk. As we well know, the IoT technology is managing data analytics and payment in the EV charging station, which gives cybercriminals the green light, and consumers a reason to claim compensation for a data breach.

Cybersecurity experts have discovered a series of vulnerabilities amongst the systems and highlighted the 13 most severe vulnerabilities, such as cross-site scripting and missing authentication. These vulnerabilities would allow hackers to inflict a series of attacks, including disguising themselves as actual users to access data or manipulating firmware.

What’s more, many of the EV charging stations today use out-of-date Open Charge Point Protocol based on HTTP, which does not encrypt communications or data. This could encourage relay or man-in-the-middle attacks where hackers used seemingly legal signals like WIFI.

USB ports on public charging stations also represent a green light for hackers to directly affect drivers ‘privacy. A simple flash drive is enough to copy data and logs to the drive, giving cybercriminals OCPP data and confidential information of the drivers.

While it’s possible to cause several issues on various entities within the EV ecosystem, cybersecurity experts make efforts to investigate large-scale attacks that have a severe impact on the compromised charging points, their users, and the connected power grid.

Grid Security at Risk

Since an EV with a breached system can communicate with its connected charging station, there’s a good chance that malware can spread from this node to a network of other EVs and electric grids at large.

EV charging stations represent a link between vehicles and the power grid – a high-wattage wattage access point that anyone with basic programming know-how can potentially exploit to access the grid. Electric vehicles that use public charging stations generate data like charging time, location, and information on the average hourly power draw for each station. This data is valuable for someone who wishes to manipulate demand at a certain EV charging station.

Even so, it’s the kind of information anyone can access, as it’s transferred wirelessly by third-party apps that serve the EV owners. Obviously, not all information is made public, but a combination of resources accessible through utilities’ public releases may be used to build a power grid map and develop the system components.

Safety Guidance for Electric Vehicles

Emerging studies on cyber-physical security give carmakers and engineers the possibility to develop a first-stage cybersecurity system. Recent studies also suggest some basic mitigation techniques to defend EVs against cyber-attacks.

  • Improved firewall
  • Secure on-board diagnostics port
  • Reliable hardware
  • Penetration testing
  • Secure software updates
  • Code reviews

Most importantly, the study suggests developing a cybersecurity monitoring system capable of detecting, locating, diagnosing, and mitigating cyberattacks.

Secure APIs

Electric vehicles use APIs (Application Programming Interfaces) to access third-party software and applications. It’s important to ensure these interfaces are layered with strong authentication and security features. Using software that addresses cloud-based security vulnerabilities might prove beneficial for users – these allow drivers to sign into their vehicle’s system via a secondary device, ensuring that the right user is in control of the system.

Turn off smart devices when not in use

A vehicle’s connectivity ports for mobile systems, Bluetooth and music players offer services by picking up outside signals. Cyberattacks know how to intercept these signals to access a car’s system. By turning off these devices, EV owners can remove any entry points that could make their vehicles more susceptible to remote attacks.

Car accidents are not the only threat when operating an electric vehicle. While the latest driving technology has many benefits and conveniences to offer, it also means car security has become more complicated. There are a number of vulnerabilities that are outside the owner’s control, and it’s up to car manufacturers to lead the way in reducing potential risks. That said, EV cybersecurity should be a top-of-mind priority for every driver, dealer, and manufacturer. It’s a multi-layered and complex work requiring collaboration and ongoing vigilance.

 

Share this article

Facebook
Twitter
LinkedIn
WhatsApp
Reddit
Email

Want more motoring news?

Sign up here for our free weekly serving of motoring.

Sign up here for our free weekly serving of motoring.

Business Motoring

Business Motoring

Business Motoring is the motoring resource for small businesses and SME small fleets running company cars and business cars.

Latest news

europcar-mobility-group-ql08h5aamcrmjs1s10nltxwjes3dieg22dijxvj21a
  • Electric Vehicles, News

Europcar walks the talk to accelerate electric motoring

img 1348
  • BMW Reviews, Car news and reviews, News

Road and track – BMW M5 CS review

charging-ev-car-electric-vehicle-clean-energy-for-2022-11-16-17-24-00-utc
  • Electric Vehicles, News

Is the government sleepwalking into an EV crisis?

unnamed 7 6
  • Car news and reviews, Electric Vehicles, News

Vauxhall unveils next gen Grandland

unnamed 5 3
  • News

Leasys to provide comprehensive short-term rental service

​Business Motoring is the motoring resource for small businesses and SME small fleets running company cars and business cars. We can help with questions about car leasing, company car tax, business mileage, writing down and leasing allowances, and all the other detail you need to know about running a car on the business. As well as this, we have the latest car news, company car taxation news and car reviews to help you make the right choice for your next company car, along with special car leasing offers to help you get the right business car leasing deal.

Twitter Linkedin Youtube Facebook

Want more motoring news?

Sign up here for our free weekly serving of all things motoring.

© Business Motoring 2024
Top
Twitter Linkedin Youtube Facebook

BUSINESS MOTORING

GET INVOLVED

SUBSCRIBE

Sign up here for our free weekly serving of Leasing news.

CLICK HERE