As Americans head out on vacation this summer, more and more of them are hitting the road in electric vehicles.
Like it or not, that trend looks like it will continue as states like Virginia and Washington follow California’s lead in imposing 100 percent electric vehicle (EV) sales timelines.
Falling EV prices are predicted to open the market to less affluent drivers.
Meanwhile, Ford Motor announced this week that it has agreed to a massive $9.2 billion federal loan to build three electric vehicle plants as part of President Joe Biden’s push to supercharge EV production.
A rapidly expanding EV charging infrastructure supports the vehicles’ growth spurt.
An Increasing Number of Cyber Attacks
With the rapid growth and evolving technology of EV infrastructure, the United States and Europe are seeing an increasing number of cyber-attacks related to EV charging systems.Experts fear that security risks are keeping pace with the rapid expansion of EV charging stations across the United States, with hackers able to access drivers’ payment data and worse.
In a worst-case scenario, cyber terrorists could weaponize thousands of vehicles, taking control of them remotely in order to cause power grid blackouts.
According to the U.S. National Institute of Standards and Technology (NIST), EV charging stations collect sensitive information including payment data. Because they are connected to the power grid, an attack could have cascading effects on consumer privacy and on the grid itself.
Even with EV charging companies taking all known steps to protect charging systems, hackers can locate access points in communication channels, leaving chargers open to data tampering or even distributed denial of service (DDoS) attacks. What makes all of this even more nefarious is that attackers can be thousands of miles away.
‘Prevention Is Always Preferable’
Elias Bou-Harb, Ph.D., directs the Cyber Center for Security and Analytics at the University of Texas, San Antonio. “Monitoring in real time and dealing with attacks as they happen are important aspects of an overall security strategy, but prevention is always preferable,“ Bou-Harb told The Epoch Times in an emailed statement. ”Empirically, we continue to see escalated attacks on such infrastructure, including remote and physical attacks.”“Cyber-attacks on charging stations can be prevented to a large extent through proper security measures and protocols. While it’s challenging to achieve 100 percent prevention, proactive steps can significantly reduce the risk of attacks,” Bou-Harb added.
The researchers noted that cybersecurity criminals could steal credentials and access user data. Other vulnerabilities included the ability to manipulate firmware, allowing criminals to launch more complex attacks.
To prevent the theft of consumer information and EV compromise, Bou-Harb said EV charging companies should implement robust authentication and authorization mechanisms, to ensure that only authorized users can access and use the stations.
In addition, Bou-Harb recommended encrypting communication between the charging infrastructure and back-end systems to protect data in transit. Charging station software and firmware should be regularly updated to address known vulnerabilities. Security audits should be conducted regularly and penetration testing done to identify and address potential weaknesses.
Protect Your Vehicle
Bou-Harb suggests car owners keep their vehicles’ software up to date by installing the latest firmware and security patches; using strong and unique passwords for their EV accounts and charging apps; avoiding connecting vehicles to unsecured charging stations; and reporting suspicious account activity.Another basic precaution is to detach dongles. The small devices that plug into the diagnostic port and allow companies to monitor driving habits can be an easy entry point for hackers and should be disconnected when the EV is not in use.
Hackers can also intercept wireless fob signals, amplifying the fob’s signal to trick the car into thinking the fob is closer than it really is in order to unlock the vehicle. It’s a good practice to store the fob in a metal box to block the signal.
Alarmingly Easy to Hack
Sometimes, hacking an EV or EV charger is altogether too simple.Ryan H. Levenson, founder of EV promotion and rental company The Kilowatts, was able to gain access to an Electrify America charger and went on Twitter to expose the major security issue. He posted videos showing how he was able to take control of the charger using a simple app. Levenson asked the company to fix the security issue.
In 2020, a Belgian security researcher discovered a way to overwrite and hijack the firmware for Tesla Model X key fobs. Lennert Wouters, a Ph.D. student at the Catholic University of Leuven, Belgium, took just minutes—and used inexpensive supplies—to accomplish the attack, which would have allowed him to steal any car that wasn’t running on the latest software update.
Anomaly Detection
Mansi Girdhar is an electrical engineering doctoral student at the University of Michigan, Dearborn. Girdhar is researching EV charging security. She says the field of study is important given how new the technology is. Universal manufacturing standards don’t exist yet for EVs, let alone for their cybersecurity frameworks.
Girdhar’s research will use an approach called anomaly detection. It involves using machine learning to develop a fingerprint of what normal computing activity looks like when a vehicle is charging, so the system can then identify when something appears out of the ordinary.
The Great American Road Trip, Electrified
The U.S. government expects EV sales in America to reach 40 percent of total passenger car sales by 2030, making the need for top-notch cyber-security for the vehicles ever more pressing.According to an Experian report in late 2022, there are currently only 1.7 million electric cars on the road, out of almost 285 million total vehicles. To put that in perspective, however, there were only 400,000 EVs on the road in 2018. That’s an increase of 325 percent in just four years.
Where the Current Flows
There are currently over 130,000 public charging stations in the United States.
According to a January U.S. News and World Report article, ChargePoint is the largest U.S. charging network, with over 27,000 stations and nearly 50,000 individual charging ports. However, the vast majority of those charging stations are not fast charging stations.
Electrify America is the largest ultra-fast direct current (DC) charging network in the United States, with over 800 charging stations and over 3,000 individual chargers. Owned by Volkswagen, the company plans to have over 10,000 individual chargers operating in the US by the end of 2025, according to its website. The company offers peak charging speeds of up to 350 kW, although not all Electrify America charging points can deliver that speed.Other notable EV charging operators are EVGo, Francis Energy, EVConnect, EVCS, and Blink.
