Cybersecurity experts at Check Point Software Technologies warn that green travel initiatives may be held back as electric vehicle charging point cybersecurity is overlooked
Governments around the world are pushing the move to greener technologies to combat climate change and reduce their reliance on hydrocarbons. Norway has built a network of 17,000 charging points, while the US Department of Transportation recently announced a $5B plan to create a new network of EV charging stations. However, while automotive companies are ramping up production of new electric vehicles, the industry is not doing enough to deal with cybersecurity concerns around, what are essentially, IoT devices.
When users charge their vehicles, there is also a data connection between the vehicle and the EV hub. Charging stations are connected to the internet and, like any other IoT device, are vulnerable to the actions of cybercriminals. If a threat actor can gain access to a charging hub this could have serious consequences including:
- Risk to User Safety: Theoretically, via an EV charging point, a hacker could access a vehicle’s engine management system and either compromise safety, performance or disable the vehicle altogether. Imagine if the vehicle in question were an ambulance, where delays could pose a threat to life.
- Compromise the EV Charging Network: Hackers could knock out an entire network of charging hubs by taking advantage of just one vulnerability in one device. This could result in loss of revenue for the operator as well as untold disruption to the road network.
- Commercial loss: In addition to shutting down a network of EV hubs, hackers could access the operator’s management software and drop ransomware with consequent financial and reputational damage. Also, many commercial fleets are converting to electric power and a hacker could disable an entire delivery operation just from their laptop.
- Payment systems: Threat actors could potentially compromise the payment system at an EV hub, leading to financial loss for the driver or the network operator.
Threat actors are wasting no time escalating the scale and sophistication of attacks. Check Point Research recently reported a 59% global increase in ransomware attacks alone, while the UK’s transportation industry experienced an average of 979 cyberattacks a week over the last six months. As a result, it won’t be long until the potential to exploit EV charging stations is noted, so it is pivotal that newer, greener technologies are protected.
Climate change and the need to reduce our dependence on oil underline the imperative to migrate to greener forms of transportation. Concerns over cybersecurity could be another obstacle to the future growth of the electric vehicle market, so it’s vital that the industry takes the threat seriously. Unsecured charging devices are an open door to increasingly sophisticated threat actors and yet there are proven IoT security solutions out there that could prevent such attacks. Check Point Quantum IoT Protect provides EV chargers manufacturers with a Nano agent to embed inside the device. It provides runtime protection and blocks cyberattack on the device itself. Secured EV chargers will ensure safe usage and further encourage the development of sustainable travel.