SecureMac, Inc.

Checklist 337: I, Charger

July 20, 2023

Electric vehicle chargers are vulnerable to hacking, raising security concerns for power grids. Efforts are underway to strengthen their security, but challenges remain. Protect yourself from online threats with tips to avoid scam ads.

Checklist 337: I, Charger

Electric Vehicle Chargers Vulnerable to Hacking, Raising Security Concerns

Recent reports shed light on the vulnerabilities of internet-connected electric vehicle (EV) chargers, raising concerns about potential cyber threats and their broader impact on power grids. Incidents of chargers being hacked for political messages, pornography, or simply to demonstrate the ability to hack them have surfaced, highlighting the need for enhanced security measures.

Experts have identified severe vulnerabilities in internet-connected EV chargers, including the potential to access customer data, compromise Wi-Fi networks, and remotely turn chargers on and off. Such capabilities could lead to serious disruptions, like leaving EV drivers stranded with depleted batteries or, more alarmingly, destabilizing entire electricity networks if hackers were to exploit large numbers of chargers simultaneously.

The risk of nation-states using these hacked chargers as weapons against power grids has become a serious concern. Preventive measures at the user level include keeping chargers offline, though this comes at the expense of certain functionalities provided by internet connectivity. For broader protection, experts call for action from manufacturers and governments to address the inherent security vulnerabilities in EV charging infrastructure.

As the popularity of EVs increases and the charging network expands, addressing these security issues becomes imperative to safeguard both individual users and the overall stability of electricity grids.

Efforts to Strengthen Electric Vehicle Charger Security Underway, But Challenges Remain

Amid growing concerns over the cybersecurity vulnerabilities of internet-connected electric vehicle (EV) chargers, significant efforts are being made by various stakeholders to address these risks. From device manufacturers to the Biden administration, the seriousness of the issue is being acknowledged, and steps are being taken to bolster security and establish standards.

Companies like Electrify America, a leading EV charging firm, are proactively monitoring and reinforcing security measures to protect both themselves and their customers. Additionally, cybersecurity firms like Pen Test Partners report that companies are responsive to fixing identified vulnerabilities promptly.

While progress is being made, a coordinated set of standards and regulations remains lacking. The responsibility for safeguarding EV charger security falls on manufacturers and the government. The 2021 Bipartisan Infrastructure Law aimed to expand secure EV charger infrastructure, but there are gaps in its coverage, leaving many existing devices without adequate protection. States are required to implement “appropriate” cybersecurity strategies for chargers funded under the law, but specific standards are yet to be determined.

Cybersecurity researchers remain optimistic that stricter standards will be established, but it may take time to reach a consensus on what measures are truly effective and who should be responsible for implementing and enforcing them. Nevertheless, the growing awareness of the issue and ongoing efforts by various stakeholders suggest a commitment to strengthening EV charger security in the future.

Protecting Yourself from Scam Ads and Online Threats: Tips and Strategies

Online ads can be not only annoying but also dangerous, as they can lead to scams and malicious activities. Even tech-savvy individuals can fall victim to these deceitful tactics, as seen in the case of journalist Cory Doctorow. Scammers utilize search ads to trick users into revealing personal information, visiting phishing sites, downloading malware, or falling for fleeceware scams.

SecureMac provides valuable insights on safeguarding against such threats:

  1. Spot the ad: Be cautious of sponsored search results, marked with “Ad” or “sponsored result.” Skip them and opt for non-sponsored links for genuine search results.
  2. Consider safer search engines: While Google dominates the search engine market, other options like DuckDuckGo and Brave have fewer badvertisements and may offer a safer experience.
  3. Pay for ad-free search: Brave and Neeva offer paid ad-free search options, providing a safer browsing environment for a small monthly fee.
  4. Beware of sponsored ads on other platforms: Amazon and Facebook are notorious for counterfeit products and scams in their search and ad results.
  5. Exercise caution with downloads: Ensure you are downloading apps from legitimate and trusted software developers’ sites to avoid malware and potential threats.
  6. Use safe payment methods: Opt for payment options like credit cards and services such as Apple Pay, which offer dispute and refund capabilities, aiding in the fight against badvertisers.

By following these precautions and remaining vigilant while navigating the online landscape, users can protect themselves from falling victim to scam ads and potential cyber threats.

Get the latest security news and deals