"Sandia Studies Vulnerabilities of Electric Vehicle Charging Infrastructure"
As electric vehicles become more prevalent, so do the risks and hazards of a cyberattack on electric vehicle charging equipment and systems. Jay Johnson, an electrical engineer at Sandia National Laboratories (SNL), has been researching the vulnerabilities of electric vehicle charging infrastructure. Johnson emphasized the importance of exploring electric vehicle charger vulnerabilities to make recommendations to policymakers and inform them of what security improvements are required by the industry. The Bipartisan Infrastructure Law includes $7.5 billion in funding for electric vehicle charging infrastructure. The federal government requires states to implement physical and cybersecurity strategies as part of this funding. The Sandia team's review will help states prioritize hardening requirements as well as help the federal government in standardizing best practices and mandating minimum security levels for electric vehicle chargers. Electric vehicle charging infrastructure is vulnerable to various threats, ranging from skimming credit card information at conventional gas pumps or ATMs to hijacking an entire network of electric vehicle chargers using cloud servers. The team explored entry points, such as vehicle-to-charger connections, wireless communications, electric vehicle operator interfaces, cloud services, and charger maintenance ports. They investigated standard AC chargers, DC fast chargers, and extreme fast chargers. The study discovered several flaws in each interface. For example, vehicle-to-charger communications could be intercepted, and charging sessions terminated from over 50 yards away. Electric vehicle owner interfaces were particularly vulnerable to data theft or changes in charger pricing. For protection, most electric vehicle chargers use firewalls to maintain separation from the Internet, but Argonne National Laboratory (ANL) researchers discovered that some systems did not. An Idaho National Laboratory (INL) team also discovered that some systems were vulnerable to malicious firmware updates. This article continues to discuss the vulnerabilities of electric vehicle charging infrastructure.