In recent times, much attention has been given to the potential risks of charging our smartphones from public USB ports found in places like airports, cafes, and rail transit stations. However, a fresh wave of warnings is now emanating from security analysts, urging electric vehicle (EV) users to exercise caution when using vulnerable public charging ports.
The adoption of Electric Vehicles (EVs) has gained substantial traction, particularly in Western countries such as the UK and various parts of Europe. This trend is further fueled by the UK government’s plans to phase out diesel and petrol cars in favor of EVs. Yet, concerns linger among experts who point out that many electric car manufacturers are not adequately addressing security vulnerabilities in their vehicles. Instead, the primary focus seems to be on enhancing speed and reliability to alleviate concerns about driving range limitations.
Noted security expert Jake Moore, affiliated with ESET, underscores the exponential growth of EV usage in recent years. However, he highlights a significant concern: the software employed in these vehicles harbors numerous vulnerabilities, providing hackers with ample opportunities to exploit such weaknesses.
Moore goes on to explain that most EV apps request sensitive information like email addresses, phone numbers, and even payment card details. These data are crucial for smooth transactions at toll gates and charging stations. Regrettably, the current state of security in these vehicles leaves them susceptible to data breaches. Hackers could potentially extract this information and sell it on the dark web.
The issue is compounded by the fact that charging stations can serve as entry points for hackers to gain access to vehicle information. They could manipulate the on-board technology, ultimately taking control of sensitive data. While these vehicles are connected to the internet for software updates, security patches are not as frequent, rendering them vulnerable to hacking attempts.
A recent incident that gained widespread attention involved a Belgian researcher hacking into a Tesla electric car via clever computer tactics. Another case, occurring in March 2023, saw a hacker infiltrating a car’s touchscreen display and broadcasting explicit content. Upon investigation, it was discovered that the electric car had been compromised at a public charging station nearly ten days earlier. A malware was introduced, enabling cybercriminals to remotely control the vehicle.