Recent studies have shown that 5.8 percent of all vehicles sold in 2022 will be electric, which is a large number considering the newness of the technology. Hackers are taking note of this and any potential vulnerabilities related to electric vehicles or their charging stations could cause serious issues. According to SaiFlow, an Israeli EV infrastructure provider, cybercriminals can exploit Electric Vehicle Charge Points to cause service outages and access sensitive and personal information of customers. The attack method is a combination of two new vulnerabilities found in the OCPP standard. This would allow hackers to shut down EV charging stations remotely, manipulate them to recharge EVs for free, and access the vehicles surrounding components. The security flaws are related to the communication between the CSMS and the EV charge point, particularly with the OCPP. When the vulnerability is exploited, a hacker can hijack the connection between the charger and the management platform, allowing them to shut down the entire group of chargers connected to that network. They can also launch a DoS attack to disrupt or disconnect a single charger and access sensitive information, or execute a DDoS attack and take down/disconnect all chargers connected to that network. SaiFlow is working with some leading EV charger providers to address the issue, although the EV industry is slow at applying the updates.
This Cyber News was published on www.hackread.com. Publication date: Sat, 04 Feb 2023 03:12:03 +0000