The race against hackers to secure EV cyber-grid

The electric vehicle (EV) revolution is here. After decades of hype, EVs are finally starting to get their day in the sun. In the last ten years, plug-in hybrid electric vehicles have grown from 16,000 to over 2 million vehicles, and auto executives expect over 50 percent of US vehicles to be all-electric by 2030.

It is not hard to see why experts make such an optimistic prediction. In addition to the growing fleet of EVs, the Bipartisan Infrastructure Deal signed earlier this year will include $7.5 billion to help plan and build an extensive network of EV charging stations across the country, a task critical to ensuring full adoption of the technology. It took decades for the current network of gas stations to stretch from one end of the U.S. to the other, and a similar process is now underway for EV charging stations. An infrastructure project of this size requires thorough planning and significant investment, after all.  

Lost in the shuffle of EV usage, bright expectations, and plans to keep their battery full, is a challenge familiar to many pieces of developing tech: EV charging station cybersecurity.

Earlier this year, a 19-year-old tech security specialist used a third-party software app to hack into 25 Tesla vehicles in countries all over the world. It was the first reported incident of a third-party app being used to hack and obtain full access to vehicle data and controls. Cybersecurity is a deadly serious issue for Tesla, yet hackers still found a way to compromise their systems. As EVs continue to grow and take over the road, thousands of potentially unprotected EV charging stations across the country are an inviting target for cyber attackers. Without a strong emphasis on cyber security, these stations could become a hacker superhighway.

EV charging stations can be vulnerable to hackers if they do not come equipped with agile, thorough cyber security measures. Essentially, EV charging infrastructure is a device that waits for another device to connect and begin communicating without a third party firewall or other cybersecurity devices to act as protection, so cybersecurity tech must be built directly into the charging station itself. A third party is often necessary to secure tech as it tends to lack proper cyber protection. The rapid adoption of EV charging stations also contributes to their vulnerability, as certain security measures may be overlooked. Because of this, electric vehicle charging stations appear highly vulnerable to hackers.

The best strategy for cybersecurity leaders to protect charging stations from breaches is to consistently monitor for cyberattacks- both known and unknown. Utilizing technology solutions for the post-production phase of development, for example, is a crucial aspect of ensuring the security of connected vehicles and the smart mobility ecosystem, allowing for companies to monitor their entire infrastructure and vehicles in real-time, utilizing automotive-specific analytics to detect threats.

EV charging infrastructure is just as vulnerable to cyber threats as any other connected device. However, the complexity and hurried evolution of the technology puts it particularly at risk. It is easy to forget that they require the same type of protection to ensure they’re not leaving doors open for cybercriminals. As the fleet of EVs continues to expand, it is imperative that we focus on advanced cybersecurity measures to keep everyone on the road safe and to secure the critical data our vehicles contain.

Photo Credit: Matej Kastelic/Shutterstock

Robert Nawy is CEO of IPKeys Cyber Partners, provider of industry-leading, secure OT/IT intelligence platform that addresses the complex cybersecurity, data, and critical infrastructure protection challenges faced by operators of mission-critical networks for customers in the energy, government, public safety communications and industrial markets. The company’s suite of solutions encompasses cybersecurity, cyber compliance, and operational network monitoring for a range of dynamic OT/IT environments. The company is headquartered in New Jersey and has offices in California, Louisiana, and Texas.

Author: Martha Meyer