Because of the technological innovations and eco-minded responsibility that make them attractive to buyers, electric vehicles (EVs) are rapidly becoming a prominent fixture of everyday life. So popular, in fact, that Gartner estimates there will be 2 million global public EV chargers by the end of 2022 to support the growth of this category.
The furious pace at which these infrastructures are being developed also makes EVs a prime target to be exploited by hackers. While automakers like Tesla have taken it upon themselves to build charging stations, many of these chargers remain publicly owned by either state or municipal entities. This reality can leave sensitive information vulnerable.
While we are bound to see commercial EV chargers the same way we have gas stations, more and more employers offer EV chargers as a perk to their workforce. EVs have cyber security vulnerabilities, but the main point of contention remains the charger itself.
This article will explore EV cyber security, why EV chargers may be the most critical link in that chain, and offer ideas on how you could protect yourself from EV-related cyber threats.
How Are EVs Being Hacked?
Some movies and TV series depict hacking into a car as a sensational act where a criminal can take over the car’s driving capabilities. Thankfully, this isn’t a reality or something you should fear. Cars, whether powered by electricity or gas, are powered by computers nowadays.
These computers aren’t usable in how you log on to your desktop, but most car functions, like unlocking the doors, changing driving modes, and navigation, are all coordinated by a central chip. This reality allows hackers to find vulnerabilities, but the impact is not as dire as you might think.
Perhaps the only valid point of vulnerability with EVs lies in the charger. Unlike gas stations, the current model is exclusively unattended self-service, which means that these charging stations end up in remote locations without any physical security apart from security cameras.
Anybody with a screwdriver and bad intentions can then attempt to hack into the computer operating the charger. Currently, the attacks launched against EV chargers have been relatively benign, like displaying pornographic material on the screens and asking for a ransom to remove it.
As of now, no one has managed to use the charger connection to hack into the car itself and cause damage. However, remaining vigilant when you charge your vehicle in public is still a good idea.
Like any other organization, companies like Tesla are susceptible to phishing and spoofing attacks. The current EV phishing attacks being launched don’t have taking control of your car as a goal. They’re taking advantage of the current craze for EVs to trick people into giving hackers their personal information.
Many companies currently have long waiting lists for purchasing a car. This backlog has created an opportunity for scammers to send phishing emails to EV enthusiasts saying they were bumped up in the line, for example. Some attacks have gone as far as replicating automakers’ websites to make fake car reservations.
Protecting Yourself from EV Hacks
Currently, the target of EV hacks isn’t consumers and drivers. Instead, the companies and the craze around EVs as a product are the targets of criminals to launch cyber attacks. As a consumer, there isn’t much you can do to protect yourself apart from typical phishing attempt protection.
Remember that EV car companies never contact you first to offer you a spot. They don’t “bump up” customers in line for any reason. The only source you should trust is your position in line displayed on your account page on the company’s website.
If you do get an email saying your car is ready for purchase because your position in line is next, be very wary and do all the required phishing checks. Make sure the logo and design of the email match others you’ve received from the company. Check the domain name and email address the email is coming from to ensure it’s coming from the correct source.
If you already own an EV, the onboard computer of your vehicle isn’t more or less vulnerable to attacks than modern gas-powered cars. Public chargers are currently the only real potential breaking point. However, at this time, they are not dangerous to the point where a hacker could take over your car.
Still, applying the same phishing check mentioned earlier to the public chargers you use is a good idea. Compromised chargers won’t always be used to display provocative content on the screens. It’s only a matter of time before someone hacks into them to mimic the company’s branding and steal credit card information.
EVs are the Future
There are no two ways about it; most cars in the future will run on electricity, not gas. Governments worldwide have even mandated dates for the complete switch to EV sales only. The craze we are currently experiencing is only bound to gain steam in the upcoming years.
There’s no cause for concern now, but as with any hot new technology, it’s a good idea to be vigilant. EV companies are bolstering their defenses and adding robust firewalls to their vehicles to be ready for any eventual attack. In the meantime, as always, cyber security awareness is your best defense.
Cyber Security Hub: Access Exclusive Cyber Security Content
Looking for content on other aspects of everyday life where cyber security has become crucial? Visit the Cyber Security Hub and download free educational kits today!