Electrical car charging stations are weak to plenty of completely different cyber assault situations, in keeping with Sandia Nationwide Laboratories. In a press release dated Nov. 15, 2022, a Sandia Labs analysis report described how a evaluation of vulnerabilities helps prioritize grid protections and inform public policymakers. Right here’s an excerpt:
“With electrical autos changing into extra widespread, the dangers and hazards of a cyberattack on electrical car charging gear and programs additionally will increase. Jay Johnson, {an electrical} engineer at Sandia Nationwide Laboratories, has been learning the various vulnerabilities of electric vehicle charging infrastructure for the previous 4 years.
“Johnson and his crew not too long ago printed a abstract of recognized electrical car charger vulnerabilities within the scientific journal Energies. …
“Electrical car charging infrastructure has a number of vulnerabilities starting from skimming bank card info — identical to at standard fuel pumps or ATMs — to utilizing cloud servers to hijack a complete electrical car charger community.”
MEDIA COVERAGE AND CONCERNS
The media protection on this report was vast and international.The Register (U.K.) led with the headline, “Shocker: EV charging infrastructure is significantly insecure,” and wrote:
“If you happen to’ve observed automotive charging stations displaying up in your space, congratulations! You’re a part of a rising community of programs so poorly secured they may someday be used to destabilize total electrical grids, and which comprise sufficient safety points to be problematic as we speak.
“That’s what scientists at Sandia Nationwide Laboratory in Albuquerque, New Mexico have concluded after four years of taking a look at demonstrated exploits and publicly-disclosed vulnerabilities in electrical car provide gear (EVSE), in addition to doing their very own checks on 10 sorts of EV chargers with colleagues from Idaho Nationwide Lab.”
GCN offered this analysis: “‘Proper now, there’s a little bit of a Wild West mentality on the market,’ mentioned Kayne McGladrey, subject chief info safety officer at safety software program firm Hyperproof and a senior member of the Institute of Electrical and Electronics Engineers. ‘Firms are incentivized for being first to market, not essentially most safe to market. As a result of safety prices cash and since it requires time and assets, naturally that turns into a decrease precedence.’
“EVs themselves have already been proven by researchers to be vulnerable to attack, however the cybersecurity of charging infrastructure has flown beneath the radar till comparatively not too long ago.”
Lastly, states are additionally stepping into the act. Michigan launched this Electronic Vehicle Infrastructure Deployment plan in August 2022. The plan has a bit on recognized dangers and challenges, which incorporates cybersecurity dangers. And this was a scorching subject in October on the Michigan Cyber Summit, which I covered here.
FINAL THOUGHTS
I absolutely count on to revisit this subject in 2023 and past. However for now, authorities and particularly states needs to be researching the cybersecurity points surrounding EVs, and charging infrastructure is a vital element.
This report from Sandia Labs is an effective place to start out.