Manufacturing companies must prioritize security from the beginning of their design process.
Everything can be a victim of an online malicious threat, including our elective vehicle. As electric cars become more popular, hackers looking to cause trouble or steal information can target them. In fact, according to a 2020 survey, 7 out of 10 electric cars could be vulnerable to cyber-attacks.
Let’s explore some primary methods hackers might use to target electric cars. Let’s explore how criminals could control a vehicle remotely, exploit compromised charging stations, or insert malicious software into car systems.
Risks in connectivity and control systems
Wi-Fi, Bluetooth, and cellular connections support an electric vehicle’s diagnostics, infotainment, and advanced driver assistance. Without reliable security, these connections can become an entry point for cyberattacks.
Hackers may be able to intercept and manipulate signals to gain unauthorized access to the EV’s controller area network (CAN), targeting critical vehicle systems like regenerative braking, advanced driver assistance, and powertrain components. The malicious attack can cause unintended acceleration or deceleration, severe battery overheating (thermal runaway), and pedestrian detection errors.
Other potential entry points include malware-infected apps and unsecured software updates. Hackers could use these to insert malicious codes or alter the vehicle’s system. They can also intercept signals, duplicate codes, or exploit vulnerabilities in key fobs, NFC cards, or mobile apps used as digital keys.
Cybercriminals could also steal vulnerabilities in the car’s infotainment system, which could give them access to your information, such as contacts, call records, and location history.
EV charging station security risks
Unprotected public EV chargers are exposed to physical attacks and remote hacking. If compromised, hackers can interrupt charging, change charging speeds, and switch between alternating current (AC) and direct current (DC) power.
Public charging stations, if hacked, can put harmful software into electric cars. This could let attackers steal private information or even control the car.
These actions could damage your EV batteries, leading to thermal runaway and, in extreme cases, fires or explosions.
Plug-in or conductive chargers are more vulnerable to cyberattacks because they lack constant secure communication or end-to-end encryption. Wireless chargers are safer as they use strong security measures to connect the car’s battery system to the charging station.
Home chargers are usually safe from physical threats but can still be hacked remotely, spreading malware to other devices on your home network. Even if your car is safe, home chargers without good security can be targets for hackers who might try to steal data or mess with your network.
Building a strong EV cybersecurity defense
Smart charging is convenient for electric vehicles but needs protection, too. You can make it safe and secure by:
1. Secure communication
Communication between the EV, charging stations, and power grid must follow secure and up-to-date protocols. The latest transport layer security (TLS) version provides strong encryption and authentication.
2. Implement strict access controls and identity management
Do not let unauthorized people get access to critical systems and data. Use a single sign-on (SSO) to connect to the charging system to identify existing management systems.
3. Secure software development
When designing and coding software, implement rigorous practice to minimize vulnerabilities. Follow secure coding standards and conduct thorough code reviews. Perform security testing regularly, such as vulnerability scans and penetration tests.
4. Physical security
Ensure that physical charging stations have adequate protection against tampering, unauthorized access, and malware injection using the accessible USB charging ports. If possible, you can get a home charger like the wall connector offered by the Tesla Model Y, which is safer than charging in stations.
5. Cybersecurity monitoring and incident response
Monitor the entire charging system at all times. It is helpful to use tools that can detect unusual activity or potential threats immediately. Have a solid plan if any security issues may occur. The plan should cover how to identify the cause of the problem, how to stop it from spreading, and how to fix it. It is important, too, that your team is trained and knowledgeable.
Regulatory compliance and industry standards
Ensure the charging system is designed and operated with security regulations and industry best practices. It must follow guidelines set by government agencies and industry organizations. By implementing this, you can ensure that your charging systems meet minimum security requirements that are accepted and secured.
Summing up
Electric vehicles (EVs) can be vulnerable to cyber-attacks, including remote hijacking, hacked charging stations, and malware infections. While real-life attacks on EVs are not usual, these risks are still real and can happen anytime if not careful. This highlights the urgent need to enhance the protection of EVs and their charging system.
Manufacturing companies must prioritize security from the beginning of their design process. This means designing safer vehicles, improving software and apps, and finding better ways to use these systems. This is to ensure the safety of drivers and even their passengers. It’s a long job, but it is important.
Join the conversation!