With electric vehicles (EVs) becoming more and more popular and taking up even more market share percentage, it is inevitable that this popularity should require another extension to the ever-growing network of cybersecurity requirements. In September 2021, EVs outsold diesel vehicles in Europe for the first time, and the market can only see sales trends going one way, as global climate change fears have prompted many Governments and vehicle manufacturers to make commitments to expanding their EV production. But this has opened up a debate about cyber criminals hacking EVs with far-reaching consequences.
There have already been stories about a Tesla having its autopilot features hacked, while keyless entry systems have been labelled as ‘vulnerable’ with criminals able to clone cards and divert signals from a card to a car in order to steal it.
What are EV cyber hacks?
Technology is advancing rapidly in the EV market and features such as cruise control and auto-assist functions are now part of a central network infrastructure in a vehicle, and like any computer system that opens them up to being accessed by a third party. Increased connectivity and mobile device integration within EVs has heightened this risk further.
Israeli-based cybersecurity business GuardKnox has warned of the devastating impact that security breaches can have on an EV and the EV network, but it is playing its part in tackling the issue. GuardKnox warns that sophisticated hackers can install malicious software, or malware, to infect public charging points. This will affect the charger but in turn will infect the vehicle, and then the next vehicle that uses the charger, and the next charger that each vehicle subsequently uses.
Pretty soon you have a malware pandemic on your hands, which can disable the EV completely, over-ride some of the driving functions and steal data from the charging network.
There have been calls on the EV market to increase cybersecurity measures to combat this, with market leaders such as Tesla, Honda and Volkswagen urged to do more to protect consumers. Tesla have pioneered much of the autonomous technology that makes EVs so appealing, so the onus is on them now to combat the rise in cyber-attacks. For its own part, GuardKnox has played a role in developing a new standard ISO/SAE 21434, which provides a common language for communicating and managing cybersecurity risk, and gives manufacturers the capability to state that an EV is cybersecurity protected.
What can you do to fight against EV cybersecurity hacks?
It is always better to use a home charger when charging your EV. This is much less at risk of a cyber-attack than a public charger, and in most cases will be restricted to just you using it. Even if you have to use a public charger occasionally, more frequent home charging will reduce your exposure to the risk of cyber-attack.
And if you have to use a public charger, what are the signs that you may have been hacked by a malware attack?
- Your speed or acceleration may suddenly change
- You have a low battery capacity very quickly
- Your auto-assist features are being over-ridden
Of course, in an extreme case your keyless entry card may have been hacked or cloned and your vehicle stolen.
The premium EV manufacturers are now working on better firewalls, more reliable hardware and issuing more frequent software updates in a bid to keep the cyber criminals at bay, while also designing a monitoring system which can detect, locate, diagnose and mitigate against cyber-attacks. It is to be hoped that the rapid development of EV technology, which makes the EV market so exciting and innovative, can bring these solutions to market just as quickly, to ensure the EV boom continues and EV hacks are, if not a thing of the past, at least a battle the industry is winning.
