Is YOUR electric car vulnerable to hackers? How cyber-criminals could steal personal data because of weak security at charging hubs and ‘flaws’ in vehicles’ outdated software | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

If you drive an electric car your primary concern may be ‘range anxiety’ – worrying if you’ve got enough charge to get to your destination.   

But another issue you may not be aware of is the risk of having your vehicle remotely accessed by cyber criminals – and your personal data stolen.

Jake Moore, a security specialist at ESET, said electric vehicles (EVs) run software that have ‘flaws and weak points’ for hackers to target. 

Installed on the car’s software are apps that often ask for details such as email address, telephone number and even credit card details.

So if they gain access to the vehicle (or the charger), this personal data can be stolen and potentially sold to the dark web, leading to lost funds, fraud and more. 

Is your electric vehicle safe? Security concerns surrounding electric cars and their infrastructure are multifaceted, experts explain – but still governments are rushing to roll out the technology
By 2030, the UK government is planning to end sales of diesel and petrol cars in favour of EVs, while the Biden administration has a $5billion plan to create a new network of 500,000 EV chargers

READ MORE: 2030 ban on diesel and petrol cars WILL go ahead, says government

The Department for Transport is aiming for more than half of all new car sales to be zero emission vehicles in 2028

In the UK, petrol and diesel vehicles are being phased out in favour of the technology, but Moore thinks security flaws in EV software may be getting overlooked. 

‘As companies and governments fight in the race to build and install charging stations, malicious actors are not far behind looking to abuse the potentially weak on-board technology,’ he told MailOnline. 

‘So much new technology is designed with one thing in mind – speed of manufacturing – and therefore, security gets pushed out and the devices are often left riddled with present and future flaws.’ 

EVs are connected to the internet and receive ‘over the air’ updates – delivered through a wireless network – to update their software. 

But just like any computer or smart device, an EV is vulnerable to unauthorised access if it doesn’t receive regular updates or if it runs outdated software.

As demonstrated by a team of Belgian researchers with a Tesla, an electric car that isn’t running the latest software can also be unlocked and potentially stolen, if the criminal gets close enough. 

Security concerns surrounding electric cars and their infrastructure are multifaceted, experts explain, but this isn’t stopping governments from racing to roll out the technology. 

Pete Nicoletti, a researcher at security firm Check Point, agreed that unauthorised access to the EV is a threat, but a bigger issue is public EV chargers. 

Hackers have already manipulated EV chargers to show pornography on their screens – but the potential security threats are worse. 

EV chargers are internet-connected, run software and have display screens like any other device. Pictured, a BMW electric vehicle sits parked at a Volta EV charging station in Corte Madera, California
It is ‘quite easy’ for criminals to compromise EV chargers, one expert believes. View of a damaged electric car charging station on Rue de la Loge in Marseille, France

READ MORE: EV charging points are hacked to show PORN 

EV owners were left shocked after charging points in Isle of Wight council-owned car parks were hacked to show pornography

Nicoletti said it is ‘quite easy’ to compromise EV chargers, which are internet-connected, run software and have display screens like any other device.

‘All chargers are connected via internet to their manufacturer for updates and other providers for billing,’ Nicoletti told MailOnline. 

Just like a PC, chargers use firewalls – barriers that stop anyone from engaging in unauthorised web activities – for protection.

However, some chargers do not, making them vulnerable to cyber attackers with nefarious intentions and malicious software updates. 

The chargers can also be altered physically, according to Nicoletti, who said criminals are ‘four screws away from touching the computer guts’. 

‘EV chargers are using “open-source” computing platforms that have well known compromises and access,’ he told MailOnline. 

‘They are typically unmanned and not monitored by CCTV, nor are they “hardened” against physical attacks, like for example an ATM is.

Petrol and diesel vehicles are being phased out in favour of the technology, but security flaws in EV software may be getting overlooked (file photo)

READ MORE Tesla Model S key fob can be hacked in just TWO SECONDS 

A key fob is a small electronic device that enables access to the car (file photo)

Most of the time EV drivers have to pay to use a public charger by tapping a payment card against the machine, like a contactless credit or debit card. 

But just like ATM skimming scams, compromised EV chargers could see you card details fall into the wrong hands and unauthorised transactions on your account. 

What’s more, users who charge an electric vehicle on a regular basis may leave a data trail – a potential privacy risk. 

When charging an EV, the user often provides a RFID card as proof of identity at the charging station, thus transmitting personal data into the system.

If the user is not anonymous and, at the same time, it is known which charging stations he or she has been using, this information can be used to create a movement profile. 

Cyber criminals may also make alterations to an individual charger so it delivers power for free when they want it to, or accessing an entire network of chargers via the cloud to bring them down. 

Even more serious issues include the charger’s safety features being compromised with cars being overcharged and damaged, potentially leading to fire.

‘The electronic control box that controls to flow of electricity into the car is vulnerable to physical and programmatic alteration, modification and compromise,’ said Nicoletti. 

‘Compromises at this level can turn on and off chargers and impact the grid, or overcharge the car, or otherwise damage the car’s batteries.’ 

Countries around the world are making efforts to ramp up the amount of EVs on the road so petrol vehicles can be phased out, citing health concerns from their toxic emissions from the exhaust pipe.

By 2030, the UK government is planning to end sales of diesel and petrol cars in favour of EVs, while the Biden administration has a $5billion plan to create a new network of 500,000 EV chargers. 

But the security threat of the technology may be getting overlooked and there will ‘absolutely’ be an increase in EV-related attacks going forward, Nicoletti said. 

‘More chargers equals more risk, especially if they are all one manufacturer and the hackers find a vulnerability, then can impact a large number of chargers all at once,’ he told MailOnline. 

A study last year raised ‘concerns about the lack of adequate security considerations’ in the design of EVs that have already been deployed. 

EV drivers should ensure they have the most up to date software running on their car and keeping an eye out for chargers that look like they’ve been tampered with. 

‘Monitor the manufacturer of your EV charging station and the ones you use in public,’ Nicoletti said. 

‘Use a separate credit card for EV charging so as to easily monitor transactions and compromises.’ 

How environmentally friendly are electric cars REALLY? Experts reveal how they stack up against petrol versions 

Electric vehicles (EVs) are often touted as an environmentally-friendly solution to the climate crisis, but one of Britain’s most famous motor enthusiasts begs to differ.  

In an article for the Guardian published in June, comedian Rowan Atkinson says electric motoring ‘doesn’t seem to be quite the environmental panacea it is claimed to be’. 

EVs are powered by lithium ions batteries which require ‘many rare earth metals’ and huge amounts of energy to manufacture, he claims, citing research from Volvo. 

Atkinson – who is vocal of his love for cars and has a degree in electrical and electronic engineering -said he feels ‘duped’ by electric vehicles and thinks ‘keeping your old petrol car may be better than buying an EV’. 

MailOnline takes a look at some of the issues and speaks to experts to see if the green reputation of EVs really has been overstated. 

Read more 


Click Here For The Original Story From This Source.

National Cyber Security