Runaway Charger: The Major Threat Of Hacking EV Stations
Early adopters of electric vehicles could add EV charger hacking to the growing downsides of EV ownership. Data from a 2021 study of EV charging security by British security firm Pen Test Partners found vulnerabilities like API authorization issues, no firmware signing, and lack of authorization across several EV charging platforms. The known issues could expose EV owners to account hijacking and extracting all user and charger data, including account details, payment information, charger ID, and location.
The bad news doesn't stop there. Hackers could also control the chargers remotely, potentially disrupting charging services and destabilizing the entire power grid by switching the chargers on and off simultaneously. Furthermore, hackers could use home EV charging stations to infiltrate any home network. Users in North America and the United Kingdom have reported President Biden memes and pornographic videos on public charging station displays, proving the growing security problem in fast-rising EV charging infrastructures.
The dangers of EV charger hacking
Hackers could target public EV charging stations or home chargers to steal data or execute a DoS or denial-of-service attack. The former could lead to more exploits like bank account information, credit cards, user IDs, and passwords. However, a DoS attack could shut down an entire EV charging network and disrupt services to millions of EV owners. Ukrainian hackers infiltrated Russian EV charging stations in 2022, displaying derogatory messages against Russian President Vladimir Putin and disabling services to all chargers from Moscow to St. Petersburg.
Unfortunately, there's not much that users can do to ensure 100% protection against EV charging hacks. Unlike petrol cars that fill the fuel without connecting to the car's system, an EV charger establishes a data connection with the vehicle, making it vulnerable to hacking by exploiting software vulnerabilities. The most that EV buyers could do is avoid installing cheaper EV home chargers from lesser-known brands that could have software flaws, subpar encryption, and weak authentication.
It's also a good idea not to connect your home EV chargers to the internet to safeguard against potential hacking. Meanwhile, the Biden administration passed the Bipartisan Infrastructure Law in 2021, which includes up to $7.5 billion to expand EV charging networks and improve cybersecurity measures to safeguard against external threats. And in 2023, the Federal Highway Administration passed a ruling that requires states to implement specific cyber requirements for all new chargers funded under the Bipartisan Infrastructure Law.