Since an Electric Vehicle can almost be described as a computer on wheels, it is more vulnerable to cyberattacks than internal combustion engine vehicles – in more ways than hotwiring!
With the popularity of Electric Vehicles (EVs) on a meteoric rise, there is also increasing attention on security challenges relating to EVs, thanks to their very nature of being electric and reliance on being digitally connected. This article will explain how EVs’ systems can be exploited, and provide simple steps to prevent these cyber threats.
Vulnerable when Charged
Unless you hardly drive, chances are that you would have experienced charging your EV at a public EV charging station. If you have, then you may have inadvertently exposed your car to potential hackers. This is because many charging stations are connected to the internet, which hackers can use to access the EV’s computer.
When that happens, the hacker could take all sorts of nefarious actions, from stealing personal information to installing malicious software on your EV.
Exploiting Vehicle Software
EVs rely on complex software systems to operate. These systems are the vehicle’s headquarters, where it controls everything, from the engine to the navigation system. Hackers can exploit software vulnerabilities to take control of the vehicle.
While this has happened with non-EVs, the risks are higher for EVs due to their heavy reliance on software.
Prevention: Regular software updates are important for keeping EVs safe from hacking. Car makers release updates to fix security problems and make the vehicles run better. Owners should always make sure their vehicle’s software is up to date, and only download from official trusted sites and platforms.
Remote Control
Many EVs come with mobile apps that allow owners to control features like unlocking doors, starting the engine, or checking battery levels. These apps can be a weak point if hackers gain access, potentially allowing them to control the vehicle or steal personal data.
Prevention: It’s important to protect the mobile app connected to your EV. Use strong, unique passwords and turn on two-factor authentication if it’s an option. This adds extra security by requiring another form of verification, like a text or email, to access the app.
Also, avoid using public Wi-Fi when using the app, as these networks can be less safe. Hackers can steal personal information, install malicious software, monitor your online activity, etc, all without your knowledge.
Signalling Issues
Keyless entry systems are common in modern vehicles, including EVs, but they can be vulnerable to relay attacks. Hackers can amplify the signal between the car and the key fob, even if the key is inside your home, allowing them to unlock and start your vehicle without your knowledge! Adding to that worry, with a cloning device, a person can get close to you with your key fob to copy access credentials to your EV or RFID charging card.
Prevention: To prevent relay attacks, use a signal-blocking pouch or box, also known as a Faraday pouch, for your key fob. These pouches block the signal, stopping hackers from intercepting it. To further thwart attacks, keep the pouch in a metal drawer.
Some vehicles also let you turn off the keyless entry feature for extra security.
Risk
Cybersecurity risks for compromised EVs are that the hackers can alter charge speeds, forcibly disrupt charging cycles or rapidly switch between alternating and direct currents, damaging batteries which could lead to fires or even explosions!
It was reported that in 2016, some Chinese security researchers remote-controlled a Tesla’s Controller Area Network (CAN) bus and took full wireless control of the vehicle. Tesla said this vulnerability was patched but this incident is a grave concern for all vehicles with network connectivity to be assiduously secured in their wireless communications.
Stay Vigilant!
As technology evolves, so do the methods used by hackers. Staying informed about the latest cybersecurity threats and best practices can help protect your EV from being hacked. Follow your vehicle manufacturer’s recommendations and check for updates regularly. Be cautious of suspicious emails or messages claiming to be from your vehicle manufacturer or charging station provider, as these could be phishing attempts to steal your information.