Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, highlights the cyber threats that come with electric vehicle (EV) charging points and warns they may delay the wider adoption of EVs.
Governments around the world are pushing the move to greener technologies to combat climate change and reduce their reliance on hydrocarbons. Singapore targets to have to make EV chargers more accessible by having a network of 60,000 EV charging points by 2030, and aims to phase out combustion engine vehicles by 2040. Neighbouring country Thailand announced several well-received tax-related measures which boosted domestic EV demand, as it endeavours to position itself as a new EV hub in Asia. However, while automotive companies are ramping up production of new electric vehicles, the industry is not doing enough to deal with cybersecurity concerns around, what are essentially, IoT devices.
When users charge their vehicles, there is also a data connection between the vehicle and the EV hub. Charging stations are connected to the internet and, like any other IoT device, are vulnerable to the actions of cybercriminals. If a threat actor can gain access to a charging hub this could have serious consequences including:
Risk to User Safety: Theoretically, via an EV charging point, a hacker could access a vehicle’s engine management system and either compromise safety, performance or disable the vehicle altogether. Imagine if the vehicle in question were an ambulance, where delays could pose a threat to life.
Compromise the EV Charging Network: Hackers could knock out an entire network of charging hubs by taking advantage of just one vulnerability in one device. This could result in loss of revenue for the operator as well as untold disruption to the road network.
Commercial loss: In addition to shutting down a network of EV hubs, hackers could access the operator’s management software and drop ransomware with consequent financial and reputational damage. Also, many commercial fleets are converting to electric power and a hacker could disable an entire delivery operation just from their laptop.
Payment systems: Threat actors could potentially compromise the payment system at an EV hub, leading to financial loss for the driver or the network operator.
Threat actors are wasting no time escalating the scale and sophistication of attacks. Check Point Research recently reported a 59% global increase in ransomware attacks alone, while Asia as a region experienced the most cyberattacks in the third quarter of 2022, with an average of 1,778 weekly attacks per oerganization. As a result, it won’t be long until the potential to exploit EV charging stations is noted, so it is pivotal that newer, greener technologies are protected.
“As commitment to lowering emissions take centre stage in Asia, many countries have announced plans to develop EV infrastructure. Climate change and the need to reduce our dependence on oil underline the imperative to migrate to greener forms of transportation. Concerns over cybersecurity could be another obstacle to the future growth of the electric vehicle market, so it’s vital that the industry takes the threat seriously. Unsecured charging devices are an open door to increasingly sophisticated threat actors and yet there are proven IoT security solutions out there that could prevent such attacks and further encourage the development of sustainable travel,” said Teong Eng Guan, Business Leader ASEAN & Korea, at Check Point Software.