EV charging points are emerging as prime hubs for cyberattacks due to their reliance on interconnected systems, cloud services, and financial transactions, all of which are susceptible to cyber threats, cyber security solutions provider Check Point said.
Here’s why they are particularly vulnerable:
# Interconnected Systems and Cloud Reliance
Many EV charging stations depend on cloud-based platforms to manage user authentication, transactions, energy monitoring, and real-time updates. This reliance introduces multiple points of failure where cybercriminals can exploit vulnerabilities, such as weak encryption or insecure communication channels.
# API Security Vulnerabilities
APIs facilitate communication between charging stations, users, and cloud systems, but they can be vulnerable if not properly secured. Hackers can exploit API weaknesses to intercept sensitive data, hijack sessions, or disrupt charging services. Given the rising number of API-based attacks in the automotive industry, this is a critical risk.
# Man-in-the-Middle (MitM) Attacks
In MitM attacks, attackers intercept and alter the communication between an EV and a charging point. These types of attacks could allow cybercriminals to manipulate charging sessions, steal user data like payment information, or disrupt services. Public charging stations, especially in busy areas, are particularly attractive targets for these attacks.
# Ransomware and Malware
Like other infrastructure, EV charging stations can fall victim to ransomware and malware attacks, where systems are locked until a ransom is paid. A compromised charging network could halt services, causing major inconvenience and financial losses, especially in areas with limited alternatives for charging.
# Vehicle-to-Grid (V2G) Vulnerabilities
The V2G technology that enables EVs to feed electricity back to the grid also presents new cyber risks. If compromised, attackers could disrupt grid stability, siphon off energy, or even damage connected EVs and infrastructure. This could lead to large-scale disruptions, such as power outages.
# Securing the Future of EV Charging Infrastructure
To address these cyber risks, comprehensive security measures are essential:
API security through encryption and authentication
Zero Trust Architecture to ensure that each interaction is authenticated
Payment system protection using encryption and multi-factor authentication
Regular software updates to patch vulnerabilities
Collaboration with Managed Security Service Providers (MSSPs) for threat detection and compliance with industry standards like ISO 15118.
As of February 2024, India has 12,146 operational public EV charging stations. India needs to establish at least 1.32 million EV charging stations by 2030 to support the rapid growth of electric vehicles, the Confederation of Indian Industry (CII) said. This goal requires over 400,000 new installations each year.
