Check Point Software Technologies Ltd., a provider of global cybersecurity solutions, highlights the cyber threats that come with electric vehicle (EV) charging points and warns that this may delay the wider adoption of electric vehicles.
Governments around the world are promoting the transition to greener technologies to combat climate change and reduce their dependence on hydrocarbons. Norway has built a network of 17.000 charging points, while the US Department of Transportation recently announced a $5 billion plan to build a new network of EV charging stations. However, Europe and especially Greece have lagged behind in terms of electric car charging stations compared to the US and there is no corresponding data. On the other hand, automakers are ramping up production of new electric vehicles, but the industry is not doing enough to address cybersecurity concerns of these essentially IoT devices.
While the vehicles are charging, there is also a data connection between each of them and the EV hub. Charging stations are connected to the Internet and, like any other IoT device, are vulnerable to any actions by cybercriminals. If a threat actor can gain access to a charging node, this could have serious consequences, such as:
• User safety risk: In theory, through an EV charging point, a hacker could gain access to a vehicle's engine management system and either compromise safety, performance, or completely disable the vehicle. Imagine if the vehicle in question was an ambulance, how life-threatening the resulting delays could be.
• Compromises the EV charging network: Hackers could knock out an entire network of charging nodes by exploiting just one vulnerability in one device. This could result in lost revenue for the operator as well as untold disruption to the road network.
• Commercial loss: In addition to shutting down a network of EV nodes, hackers could gain access to the operator's management software and drop ransomware with subsequent financial and reputational damage to the company. Also, many commercial fleets are converting to electric power, and a hacker could disable an entire delivery operation from just their laptop.
• Payment systems: The threat actors could potentially compromise the payment system at an EV hub, leading to financial loss for the driver or network operator.
Threat actors waste no time in escalating and complicating their attacks.
Check Point Research recently reported a 59% global increase in ransomware attacks alone. In the same research, an average of 783 cyberattacks per week is observed in Greece for the 2nd quarter of 2022, showing an increase of 36% on an annual basis. As a result, it won't be long before EV charging stations become operational, so it's vital to protect newer, greener technologies.
“Climate change and the need to reduce our dependence on oil highlight the imperative to move towards greener forms of transport. Cyber security concerns could be another obstacle to the future growth of the electric vehicle market, so it is vital that the industry takes the threat seriously. Insecure charging devices are an open door to increasingly sophisticated threat actors, but there are proven IoT security solutions on the market that could prevent such attacks and further encourage the development of sustainable mobility," said Constantina Koukou, Channel Manager and Check Point Evangelist, at Check Point Software.