"Security Flaws Found in Two Home Electric Car Chargers"
Security flaws have been discovered in two different electric vehicle (EV) chargers, Wallbox and Project EV, which are both approved for sale in the UK. These EV chargers are Internet-enabled and can connect to smartphone apps. According to researchers at Pen Test Partners, the vulnerabilities contained by the Wallbox charger could allow an attacker to gain entry into the charger itself, prevent the authorized user from charging their vehicle, and use the charger for themselves. The backend security of the Project EV charger was found to be basic as an attacker could easily authenticate themselves to an administrator's level, thus allowing them to take complete control of devices through a firmware update. The researchers also pointed out that an attacker could abuse both chargers' ability to access Wi-Fi in order to compromise a home network. This compromise can result in the attackers hacking the main router in a home via default passwords and controlling the entire home network. The takeover of a home's router poses a significant danger because all traffic can be routed to the attacker, and they can then create false websites for banking and other services to steal information. Both companies have released updates to fix the flaws. The Wallbox design shows why single board computers are not designed for commercial use. The Wallbox charger has a Raspberry Pi compute module that controls the entire system. Although Raspberry Pi systems are useful for coding and prototyping, they are not appropriate for any design that requires some level of security. One reason is that the Raspberry Pi is designed to be a development platform with a community in which hacking is encouraged in both software and hardware. This article continues to discuss the security flaws found in the two EV chargers, the challenges introduced by Internet of Things (IoT) devices, and the question as to whether technology should continue to be integrated into everyday items.
Electropages reports "Security Flaws Found in Two Home Electric Car Chargers"