EVs Are A Significant Cybersecurity Risk
Upstream, a cybersecurity firm based in Israel tracked incidents and threats in the mobility and automotive sectors from 2019 to 2023 and found that they had increased by over 50, with 295 such incidents happening in 2023.
According to an Autoweek report, various experts say that due to modern vehicles now being software on wheels, drivers risk more significant cyberattack exposure than ever before.
Unprecedented Vulnerability
According to Autoweek’s report, Upstream’s vice president of marketing, Shira Sarid-Hausirer, laid out a scary reality for which vehicles are most vulnerable to cyberattacks, “The smarter a vehicle, the more vulnerable it is. A single incident could cause a lot of damage to an OEM. Over-the-air updates could fix the vulnerability, but that would cost millions, too. Most of these assaults are from non-governmental sources, folks training to make money. Terrorism isn’t a dominating motivation.”
Upstream found that “bad hat actors,” individuals with what their report defines as malicious intent, committed as many as 64 percent of cyber attacks, according to Autoweek. Equally disturbing is that Upstream’s report indicated that 65 percent of deep and dark web cyber activities in 2023 could affect thousands to millions of “mobility assets.”
Michel Austin, Guidehouse Insights senior research analyst for electric vehicles (EVs) and mobility stressed the importance of automakers being aware of and prepared for these dangers. According to Autoweek, Austin said, “I think they’re aware of it and design systems to mitigate the dangers, but the danger is real. And the risk is that, unlike a data leak or a bricked phone or laptop, even a minor car hack can hugely disrupt people’s lives.”
Will AI Hurt Or Help Cybersecurity?
Regarding artificial intelligence (AI) and its impact on cybersecurity and vulnerability, Sarid-Hausirer said it’s something of a double-edged sword, “AI has been an increasingly popular topic on the dark web, and the bad actors are learning from it. But it can also be used positively to investigate alerts and perform triage,” according to Autoweek’s report.
EV Charging Networks Are Vulnerable
According to Autoweek, EV charging networks are especially vulnerable. In 2023, the National Institute of Standards and Technology (NIST) drafted a cybersecurity framework for companies building fast chargers that stressed the importance of securing digital payment systems. It’s significant, considering that as of 2023, 48,000 public charging stations in the United States are connected to and communicate through the cloud.
Autoweek’s report noted that hackers have carried out cyber attacks through EV charging stations in the US, Russia, and the UK over the past few years. One example of this happened in 2022 when hackers tampered with a charger in the Isle of Wight so that its display screen showed pornography. During the prior year, Ukrainian hackers penetrated Russia’s most significant EV charging network, allegedly stealing as much as 900 gigabytes of data. Another instance involves a hacker tampering with an Electrify America charging station in January 2023.
It’s the dark side of everything being so technologically interconnected. While many people believe that EVs are the future of transportation, while also having concerns over EV infrastructure, cybersecurity must also be at the forefront of people’s minds.