When And How Are EVs Going To Be Hacked Is The Next Question
Imagine, for example, if an ill-intended attacker installed malicious software at public charging stations. They could theoretically get lots of information from your car, including your car’s ID, how you pay, and how much battery power is left. In particularly worrisome situations, they could use the connection between the charging station and the car as an entry point to access your car’s internal software system and meddle with it.
This is why we are sharing this research paper from IEEE Spectrum. Marco De Vincenzi, a researcher at the Istituto di Informatica e Telematica (IIT) in Pisa, Italy, is trying to bring attention to this issue.
He and his colleagues led a discussion on EV security and privacy vulnerabilities at last years IEEE 97th Vehicular Technology Conference.
“This puts the owner’s vehicle at risk of unauthorized access and control,” says De Vincenzi.
Although it makes sense for attackers to focus their efforts on public charging stations, where they could reach many people, private charging stations in people’s homes could allow attackers to access more personal information. With the right kind of attack, hackers could use the private charging station to access the owner’s home systems.
But De Vincenzi cautions that the impacts of malicious attacks on EV security can extend beyond individuals. “EV charging stations are often linked to the broader energy grid, forming a connection that, if not properly secured, can become a gateway for trouble,” he explains.
For instance, if a skilled hacker were to successfully breach both the grid’s energy management system which oversees energy distribution within entities like microgrids and a charging station, the entire grid could be compromised.
“Theoretically, this would grant the attacker the ability to access the system, read users’ information, extract energy without proper authorization, and undermine the payment infrastructure,” says De Vincenzi.
While these scenarios may seem unlikely, earlier this year one person proved that it’s possible to hack a charging station, when a bug in an Electrify America charger allowed him to gain nearly unlimited access to the charger’s internal system.
Ilaria Matteucci, a researcher at IIT who was also involved in the study, points to another factor that influences security and privacy: the time it takes to charge a battery. More charging time means more opportunity to launch an attack. DC charging is considered the fastest between the conductive and inductive methods but nothing beats a quick battery swap.