Stay Alert—As Cyberattacks Ramp Up, EVs Are Vulnerable

Jim Motavalli

February 19, 2024 at 1:17 PM·7 min read

a group of people sitting at computers upstream cybersecurity patrol — As Cyberattacks Ramp Up, EVs Are VulnerableDavid Garb

"Hearst Magazines and Yahoo may earn commission or revenue on some items through these links."

Cybersecurity firm Upstream (pictured above monitoring cyberattacks) said there were 295 cybersecurity incidents in the automotive and mobility space in 2023.
“The risk is that, unlike a data leak or a bricked phone or laptop, even a minor car hack can be hugely disruptive to people’s lives,” analyst Michael Austin said.
Britain’s Royal United Services Institute (RUSI) think tank said “the proliferation of EV charging stations and related devices being connected to the grid is widening the attack surface.”

As we enter the age of the software-defined automobile, especially those with electric drivetrains, we’re facing unprecedented risk from cyberattacks, say a wide coterie of experts. According to the Israel-based Upstream firm, from 2019 to 2023 disclosed cybersecurity incidents in the automotive and mobility space increased by more than 50%, with 295 such occurrences in 2023.

Some 64% of these attacks were executed by “bad hat actors” with malevolent intent, the report said. And 65% of deep and dark web cyber activities last year “had the potential to impact thousands to millions of mobility assets.”

Shira Sarid-Hausirer, vice president of marketing at Upstream, which has an office in Ann Arbor, Michigan, said attacks could potentially cost automakers millions of dollars.

“The smarter a vehicle, the more vulnerable it is,” she said. “A single incident could cause a lot of damage to an OEM. Over-the-air updates could fix the vulnerability, but that would cost millions, too. The vast majority of these assaults are from non-governmental sources, folks trying to make money. Terrorism isn’t a dominating motivation.”

Michael Austin, senior research analyst for EVs and mobility at Guidehouse Insights, said the overall cybersecurity threat underlies how automakers need to adapt as cars become more connected.

“I think they’re aware of it and design systems to mitigate the dangers, but the threat is real,” Austin said. “And the risk is that, unlike a data leak or a bricked phone or laptop, even a minor car hack can be hugely disruptive to people’s lives.”

a group of people in front of a large screen for upstream cybersecurity monitoring in ann arbor michigan — Upstream cybersecurity monitoring in Ann Arbor, Michigan.Upstream

An irony is that artificial intelligence cuts both ways when automotive cybersecurity is at issue. “AI has been an increasingly popular topic on the dark web, and the bad actors are learning from it,” said Sarid-Hausirer. “But it can also be used positively to investigate alerts and perform triage.”

For EVs, the connected charging network is a target. Last year, the National Institute of Standards and Technology (NIST) prepared a draft guidance that called on companies deploying fast chargers to secure their digital payment systems.

The government’s report said that in 2023, the US had more than 48,000 public charging stations, and they “connect and communicate with cloud providers and third-party vendors for EVSE location information, billing and other services.”

And that’s a vulnerability, along with the utilities that provide the power. The interface between the EV and the charging station via the cloud “presents a potential attack surface for malicious actors to cause damage,” NIST said.

A 2023 paper on cybersecurity risks notes that because a public charging station “is connected into the grid and takes the necessary power from it, it poses a significant threat to the reliability and safety of the power supply.”

The cyberattacks are not just theoretical. Video shows a hacker freely manipulating an Electrify America (EA). station. Octavio Navarro, a technology spokesman for EA, told Autoweek, “Electrify America is constantly monitoring and reinforcing measures to protect ourselves and our customers and focusing on risk-mitigating station and network design.

USA TODAY
A Columbia professor wanted to document history. NYPD arrested him outside his home
The professor had just finished his last class to end a 28-year teaching career at Columbia University. Then police arrested him outside his home.
SheKnows
Many Are Seriously Speculating That Barron Trump May Decide His College Thanks to One Factor
Ever since the internet found out about Donald Trump and Melania Trump’s son Barron Trump’s towering height of 6’7, many are convinced he’d go into sports. Donald has hinted his son Barron loves sports, but it’s unclear which one he’s in. But now, amid the college hunt for Barron, many are wondering what college he’ll …
People
Anna Nicole Smith's Daughter Dannielynn, 17, Steps Out in Janet Jackson Dress Ahead of Kentucky Derby
Dannielynn and her father Larry Birkhead made their annual appearance at the Barnstable-Brown Gala during the Kentucky Derby weekend
allrecipes
I Asked 4 Chefs What Their Favorite Fast Food Cheeseburger Was and Their Pick Was Unanimous
Have you tried it?
NBC News
There’s been a major shift in demographics at the border. Here’s what’s behind the change.
Before the pandemic, roughly 9 in 10 migrants crossing the border illegally came from Mexico, Guatemala, Honduras and El Salvador. Those countries no longer hold the majority.
List Wire
California’s Lake Oroville highlights reversal of severe-drought levels in stunning before and after images
99% capacity has created quite the site from a few years ago...
NBC News
Florida teens seen on viral video dumping trash into ocean from a boat turn themselves in
Two Florida teens seen in a viral video dumping trash into the Atlantic Ocean from a boat turned themselves into authorities on Friday and face a felony pollution charge, according to officials and court records.
KIRO
After six days, North Bend zebra finally corralled, but method questioned by locals
A zebra that had been on the loose in the woods near Snoqualmie and North Bend since Sunday has finally been corraled, but locals are questioning the methods behind her capture.
HuffPost
Mary Trump Flags 'Really Troubling' Sign About Her Uncle's Trial
The former president's niece described a "split screen" effect that she believes could be damaging to the case against her uncle.
NBC News
Her family thought her death was a tragic accident. It was years before the truth came out.
Susann Sills’ family couldn’t fathom that her husband Scott Sills was involved in her murder — until his arrest and eventual sentencing of 15 years to life in prison.
Us Weekly
Gigi Hadid Shares Photos from Vacation With Boyfriend Bradley Cooper, Taylor Swift and Travis Kelce
Gigi Hadid’s 29th birthday celebration was one that mere mortals could only dream of, as boyfriend Bradley Cooper and pals Taylor Swift and Travis Kelce joined her for a week-long getaway. The quartet visited Carmel-by-the-Sea, California, a small city in Monterey County known for its rich history and idyllic scenery. Hadid shared a 10-photo carousel
CNN
China’s Shaolin monks are known for their incredible acrobatics. This photographer captured them in action
The photographer reflects on how he took the memorable shot back in 2004, in one of the martial arts academies that had sprung up near the Shaolin Temple.
The Cool Down
State Farm announces major insurance policy change affecting tens of thousands of households: 'This decision was not made lightly'
With more insurance companies pulling out of the market or limiting coverage recently, some homeowners may have no other option.
CNN
Opinion: Hope Hicks’ testimony was a nightmare for Trump
In the latest installment of his courtroom diary, CNN legal analyst Norman Eisen explains why Hope Hicks’ testimony in the Trump hush money trial implicated Trump directly in the alleged wrongdoing in an utterly believable way.
CNN
The moment Trump defied gravity is coming back to haunt him
Being elected president shortly after surviving the publication of the leaked “Access Hollywood” tape in 2016 is the moment in which Donald Trump defied political gravity.
Parade
Fans Lose It Over Travis Kelce's Fashionable Outfit for 2024 Kentucky Derby
His girlfriend isn't the only one with "Style."
CNN Business
Trump Media’s accounting firm charged with ‘massive fraud’
BF Borgers, Trump Media & Technology Group’s independent accounting firm, was charged by the Securities and Exchange Commission on Friday with widespread fraud impacting more than 1,500 filings.
Snopes
Fact Check: About That Rumor That Kristen Bell Has 214 Tattoos
A video claimed to show how the "Frozen" actor has tattoos all over her body.
KTLA articles
Boat overloaded with migrants docks in Newport Beach
A video posted on social media shows a boat carrying suspected illegal immigrants recently docking in affluent Newport Beach, California. According to the Orange County Sheriff’s Office, the landing occurred around noon on April 20. Video shared on X, formerly Twitter, by @OCLiberator shows roughly 20 people fleeing the overcrowded vessel after it pulled up […]
Inside Edition
Man Caught Stealing $190,000 From Tesla Backseat: Cops
Surveillance video shows a man in a black T-shirt getting out of his car and then breaking into the backseat window of the Tesla parked next to him. It happened at a gas station in Bensalem, Pennsylvania. One by one he picks up the boxes from the back seat and then hands them off to a female passenger in the front seat. Inside one of the boxes was $190,000, police say. Inside Edition Digital has the video.

Recommended Stories