Check Point Software Technologies has warned electric vehicle (EV) charging points come with cybersecurity threats.
Check Point, a global provider of cybersecurity solutions, warns the dangers it has highlighted may delay the wider adoption of EVs.
It says governments around the world are pushing the move to greener technologies to combat climate change and reduce their reliance on hydrocarbons.
For instance, Norway has built a network of 17,000 charging points, while the US Department of Transportation recently announced a $5B plan to create a new network of EV charging stations.
Amazon also recently announced it is set to up its electric fleet across the UK and continent by thousands over the next five years.
A Check Point statement said: “However, while automotive companies are ramping up production of new electric vehicles, the industry is not doing enough to deal with cybersecurity concerns around, what are essentially, IoT devices.
“When users charge their vehicles, there is also a data connection between the vehicle and the EV hub. Charging stations are connected to the internet and, like any other IoT device, are vulnerable to the actions of cybercriminals.”
If a threat actor can gain access to a charging hub this could have serious consequences including:
• Risk to User Safety: Theoretically, via an EV charging point, a hacker could access a vehicle’s engine management system and either compromise safety, performance or disable the vehicle altogether. Imagine if the vehicle in question were an ambulance, where delays could pose a threat to life.
• Compromise the EV Charging Network: Hackers could knock out an entire network of charging hubs by taking advantage of just one vulnerability in one device. This could result in loss of revenue for the operator as well as untold disruption to the road network.
• Commercial loss: In addition to shutting down a network of EV hubs, hackers could access the operator’s management software and drop ransomware with consequent financial and reputational damage. Also, many commercial fleets are converting to electric power and a hacker could disable an entire delivery operation just from their laptop.
• Payment systems: Threat actors could potentially compromise the payment system at an EV hub, leading to financial loss for the driver or the network operator.
Threat actors are wasting no time escalating the scale and sophistication of attacks.
Check Point Research recently reported a 59% global increase in ransomware attacks alone, while the UK’s transportation industry experienced an average of 979 cyberattacks a week over the last six months.
As a result, it won’t be long until the potential to exploit EV charging stations is noted, so it is pivotal that newer, greener technologies are protected.
Muhammad Yahya Patel, Security Evangelist at Check Point said: “Climate change and the need to reduce our dependence on oil underline the imperative to migrate to greener forms of transportation.
“Concerns over cybersecurity could be another obstacle to the future growth of the electric vehicle market, so it’s vital that the industry takes the threat seriously.
“Unsecured charging devices are an open door to increasingly sophisticated threat actors and yet there are proven IoT, OT and infrastructure security solutions out there that could prevent such attacks and further encourage the development of sustainable travel.”
In the UK, recent figures show there are 500,000 electric cars on UK roads but the number of public electric vehicle chargers is not keeping pace.
The Government announced in March that it aims to install 300,000 public charging points by 2030 in a £1.6bn push.
Yet, according to industry research by Novuna Vehicle Solutions, little more than 30,000 have been installed in the last decade.
In the last year, the ratio of electric vehicles to charging points has tripled, with 15 cars per charging point in January this year compared to the same month in 2021, according to the analysis by the leasing company.