Should You Be Concerned About EV Charger Hacking?
If you’ve got an electric car, rumors of EV charger hacking may have caused you some concern. Hackers who gain access to chargers could have access to customers' billing information, tamper with rates, or even obtain sensitive information stored by the vehicle being charged.
Sign up forfree
Forgot your password?
Create an account
*Required: 8 chars, 1 capital letter, 1 number
By continuing, you agree to thePrivacy PolicyandTerms of Use.You also agree to receive our newsletters, you can opt-out any time.
What Is EV Charger Hacking?
We all know that EVs need to be charged regularly. This can be conducted at home or at public stations, where the chance of being hacked is much higher.
It’s this necessity for charging that malicious actors can exploit via charger hacks. But how do these attacks work?
When you add fuel to an ICE vehicle, you simply inject the fuel pump, add as much as you want, and then pay. This process doesn’t involve any kind of data connection between your vehicle and the pump.
However, when you charge your EV, your vehicle is directly communicating with the charger. When such connections are made, it becomes possible to infiltrate, manipulate, and potentially exploit them.
This is commonly done via software vulnerabilities that hackers are able to exploit. EVs rely heavily on software to function, as is the case for chargers. Software vulnerabilities (i.e. flaws in the code) can be exploited by cybercriminals looking to hack EV charging stations.
Pen Test Partnersconducted a study in 2021 on smart electric vehicle chargers and discovered vulnerabilities that could give way to millions of EV chargers being hacked. It was also found in the study that one charger platform had no form of authorization, while another harbored an unauthenticated endpoint that exposed all user and charger data.
What Are the Risks of EV Charger Hacking?
There are a number of reasons why a hacker may target an EV charging station or a home charger: primarily data theft anddenial-of-service (DoS) attacks.
In a denial-of-service attack, a website’s or program’s ability to serve its customers normally is temporarily disrupted. In the case of an EV charging provider, its entire network of charging stations could be shut down, resulting in all users being unable to charge their vehicles.
Additionally, your private information could also be stolen via an EV charger hack, such as your location, charger ID, or even payment information.
EV charger hacks can even be used for political purposes. During the start of the Russia-Ukraine war, a Ukrainian company known as Autoenterprise was found to be hacking and shutting down Russian EV charging stations so that anti-Putin messaging could be displayed to users in Russia.
How Can You Avoid EV Charger Hacks?
It’s impossible to totally safeguard yourself from EV charger hacks (unless you replace your EV with an ICE), but there are a few measures you can take to stay safe. It’s also important to note that both home and public chargers are susceptible to being hacked, as long as they have an active data connection.
For peace of mind at home, do not buy shady, under-reviewedchargers to install in your garage. It may be tempting to save a little money and opt for a lesser-known, or even unbranded model, but this product may come with hundreds of software flaws and vulnerabilities, exposing you to hacks.
If you’re highly concerned about EV charger hacks, it might be best to avoid public charging stations, though this may prove to cause a lot of inconvenience, especially on longer journeys. What’s more, home chargers can also harbor exploitable vulnerabilities, so even if you avoid public charging, you could still be at risk.
How Will EV Charger Security Improve in the Future?
The threat of widespread EV charger hacks is evident and pressing, so what can be done to help fend off these attacks?
1. Encryption
Whether you’reusing a password manager, VPN, cloud storage platform, or even a social media site, you’re likely using encryption without even realizing it. Encryption involves converting plaintext to ciphertext (turning normal words into random, indecipherable lines of data). In terms of EV charging security, this technology may save the day.
For example, an EV charging station could encrypt various kinds of user-related data, such as charger ID numbers, vehicle models, and location, so that cybercriminals could not access and expose this information in data breaches. Withyour data being encrypted, your security integrity is already at another level.
2. Provider Collaboration
There is now a long list of EV charger providers across the globe, and all have different customer bases, security integrity, and risk factors. If these different charger providers were able to communicate and collaborate, identifying vulnerabilities and other security hazards could become that much easier.
For instance, charger provider A could fall victim to a particular kind of hack. Once provider A becomes aware of this, it immediately notifies charger providers B, C, D, and onward. This way, the other providers can work to prevent this hack, say by patching a vulnerability, before it becomes widespread.
3. AI and Machine Learning
You may have already seen how revolutionary AI has proven to be across almost all industries. This advanced technology has the ability to operate in ways that a lot of current systems could only dream of, with the ability to make intelligent decisions and scan all kinds of data.
In the EV industry, AI already holds a lot of potential. This technology may one day be used inautomated driving, a concept that has long held the attention of EV and tech lovers.
But this isn’t where things end.AI could also prove invaluable in EV safety and cybersecurity. For instance, AI could be used to scan for possible cyberthreats as well as suggest and develop solutions to these security issues.
Additionally, AI could play a role in user authentication, making it that much harder for hackers to pose as someone else when charging an EV or trying to steal their data.
4. Regular Security Audits
A lot of reputable platforms have a cybersecurity team for a reason. Not only can these staff tackle cyberthreats, but they can also run frequent audits of a platform’s security features and code to ensure there’s nothing that needs to be remedied.
By doing this, vulnerabilities can be identified before hackers get the chance to exploit them.
5. Improved User Authentication
We previously mentioned that a Pen Test Partners study uncovered a charging platform that had no form of authentication. But even providers with authentication features may be using lackluster technologies that cannot stand up to modern hacking techniques.
With poor or no authentication methods, it can be easy for a hacker to steal data or pose as someone else. For instance, your charging ID could be used so that the hacker’s EV can be charged using your payment method.
This is why improved authentication layers could stop an array of cyberattacks.Multifactor authentication, passkeys, and similar methods could be used in this venture.
EV Charger Hacks Are No Myth
You may not have experienced an EV charger hack yourself, and this form of attack may not yet be hugely popular, but the increasing demand for EVs, as well as the continued deployment of new charging stations, could provide the perfect target for cybercriminals.
And don’t forget that even if your EV isn’t hooked up to a charger, if it has wireless capability and its own data connection, hackers may still be able to find a way in.
More and more people are buying electric vehicles, and that means hackers are taking an interest too. Do you need to be worried about EV hacks?
Now, I actually finish the books I start.
OneDrive is one of the best, but it has a catch.
You can’t call this offline, Notion.
Flagship price, mid-range phone.
My iPhone does it all, but I still need my dumb phone.
