Rising security risks for electric vehicle chargers getting hacked
We have already seen how the global sales for electric vehicles (EVs) have increased by 60 percent worldwide in just 2022 and it seems that in every seven passenger cars purchased globally was an EV.
Meanwhile, just five years earlier, only one in every 70 cars bought was an EV. This means that global consumer demand for EVs is at an all-time high, but the growth of this sector may mean unprecedented security challenges which are still not quite addressed.
We know that the EV industry is in the midst of a rapid expansion phase even in Malaysia and there are new EV charging stations popping up in parking lots and on street corners the world over.
However, these new installations could prompt cyber attackers (just like what happened with smartphones at public charging points) to target EV charging networks, the vehicles themselves, and/or the connected power grids.
EV charger risk
For many connected devices, the race-to-market has translated to cyber security measures that were ‘bolted on,’ but not ‘built in’.
In other words, cyber security was largely an afterthought. In the case of electric vehicle chargers, that’s a particularly unsettling prospect, as EV chargers are interlinked with other infrastructure.
Meanwhile, the National Institute of Standards and Technology (NIST) has commented on the enormity of the cyber safety concern pertaining to electric vehicle charging stations:
“EVSE [Electric Vehicle Supply Equipment] is supported by electronics, both for charging the vehicle and facilitating communications, so EVSE is susceptible to cyber security vulnerabilities and attacks.
EVSE also ties together two critical sectors, which is transportation and energy (specifically, the grid) that have never been connected electronically before.
This creates the potential for attacks that could have significant impacts in terms of money, business disruptions and human safety.”
Real-world examples
Cyber attacks that exploit EV charging station weaknesses may be able to cause power fluctuations and power outages, as attacks would suddenly alter the demands of EV charging networks.
Alternatively, might a cyber attack completely disable EV charging infrastructure, stranding drivers? This would be similar to cutting off the fuel supply, which almost occurred on the East Coast of the U.S, during the Colonial Pipeline attack.
The examples above represent just a handful of the ugly scenarios that cyber security and electric vehicle supply equipment researchers have written about. A few researchers have already come across vulnerabilities that could allow cyber criminals to remotely shut down EV chargers or steal electricity.