"How Big Is the Risk That Someone Will Hack an EV Charging Network?"

As the number of Electric Vehicle (EV) charging stations grows, so does the number of vulnerabilities. Hackers have been focusing their efforts on electrical system vulnerabilities for several years. Some of these soft spots are inside charging stations, while others are inside the equipment that controls connections between the grid and the station. Yet, others are inside assets that sit on the grid side of the relationship, which are mostly owned by utilities. Wind power companies in Europe such as Deutsche Windtechnik AG, Enercon GmbH, and Nordex SE have experienced attacks aimed at disrupting electricity flow, committing identity theft, and stealing payments. In most cases, the results are service disruptions for customers and revenue reductions for electron providers and/or asset owners. Hackers are constantly looking for ways to exploit any and all system vulnerabilities, which is a problem for both consumers and commercial enterprises. Concerns about weak control systems have been added to the stresses caused by various types of hacker disruption, including physical destruction, electronic jamming, and Denial-of-Service (DoS) attacks. Stations connected to a central control unit, commonly referred to as "the backend," are located at the heart of EV infrastructure. This backend communicates using the same technology as a SIM card over a wireless network. Stations collect sensitive data such as payment information, location information, and demographic information such as email addresses and IP addresses. Since the station is accessed via a mobile app or an RFID card, sensitive data, such as location data and online behavior history, is collected on the apps. This data, according to Thomas Russell of the National Cybersecurity Center, can be used to discover patterns of daily routines, location data, and private information. Operators can monitor usage and reliability in real-time, but being networked also means being vulnerable. Joe Marshall of Cisco Talos points out that the most vulnerable components of an EV charging station typically include the EV management system (EVCSMS). Vendors who own these stations must maintain Internet connectivity with them in order to process payments, perform maintenance, and make their services available to EVs. As a result, their stations may be vulnerable to attackers looking to exploit that EVCSMS. This article continues to discuss the security risks and vulnerabilities associated with EV chargers.  

Ars Technica reports "How Big Is the Risk That Someone Will Hack an EV Charging Network?"