The growth of electric vehicles on the road means we need more EV charging stations.
They also examined EVs Rolec but found no vulnerabilities.
All hail the white hat hackers
Youve got to love white hat hackers.
They work tirelessly to find vulnerabilities before the bad guys do.
Unbelievably the company theyve found fault with often only acknowledges their effortsaftermedia reporting.
The mobile apps all communicate with the charger via an API and cloud-based platform.
The chargers are usually connected to the owners home Wi-Fi connection.
40% off TNW Conference!
They could hack the accounts of millions of EV chargers.
In some, they could overtake accounts and turn remote control charging on and off.
No remote flaws or vulnerable endpoints were found.
Some of the chargers had gone old school by using a Raspberry Pi Compute Module.
In 2019,security researchers found security vulnerabilitiesin Schneider Electrics EVlink Parking charging stations.
Hackers could stop a car from charging and prevent anyone else from using the charger.
A malicious actor could even unlock the cable while charging.
Then, they could walk away with the cable.
There was also plenty of opportunities to gain full privileges, add users, change files, and more.
But fortunately, the battery management system was able to detect the overcharging and disconnect.
Dont EV customers deserve better?
We know about all these problems due to the mighty work of researchers.
But hacking is a genuine threat in an industry thats scaling rapidly.
Worse, the industries collectively fail to learn from the legacy shit show that is IoT security.
Beyond controlling the charging functionality itself, hacking can result in identity theft, fraud, and malware insertion.
Its disturbing that white hats found some of the most rudimentary security elements lacking.
These include the absence ofAPI authorization and firmware signing.
Each of these industries represents an entry point for hackers.
The vulnerabilities specified in this article are fixed.
However it wont be long until another security risk is exposed hopefully not in an act by cybercriminals.
Do EVs excite your electrons?
Do ebikes get your wheels spinning?
Do self-driving cars get you all charged up?
Story byCate Lawrence
Cate Lawrence is an Australian tech journo living in Berlin.
