Category: electric vehicles

Electric Vehicles (EVs) are often praised for their environmental benefits and cost-effectiveness, but there are concerns about their security. According to experts from Check Point Software, EV charging stations are highly vulnerable to cyberattacks. These attacks could lead to the theft of personal data from vehicles or, even worse, allow hackers to take control of the car and cause major disruptions.

Traditional internal combustion engine cars typically contain around 100-200 million lines of code, but EVs are even more complex. With more electronic control units (ECUs) added to manage Eco-friendly features, these vehicles rely heavily on internet connectivity to sync with cloud-based management platforms. This opens up new potential vulnerabilities.

Charging stations themselves are also susceptible to cyberattacks, as they are linked to critical energy infrastructure. Hackers could exploit these weaknesses to disrupt power supplies, causing temporary or even permanent blackouts.

According to Peugeot, over a million new EVs are expected to hit the roads in the U.S. and U.K., amplifying the security risks. If the global numbers are taken into account, the threat could grow exponentially, regardless of what oil-rich nations anticipate for the future of fuel.

These risks arise because charging stations often lack proper cybersecurity measures. Many have insecure internet connections, insufficient network segmentation, and fail to meet authentication and encryption standards, all while managing large amounts of energy.

Security researchers point out that these vulnerabilities could lead to high-profile attacks. For example, during the early days of the Ukraine war in 2022, a cyberattack on Moscow and St. Petersburg highways resulted in anti-Putin messages being displayed. Similarly, in the U.K., hackers took over charging station displays on the Isle of Wight, showing explicit content for an extended period.

A significant data breach also occurred in early 2024, when servers at Shell, which stored EV charging logs, were compromised. Sensitive user data was reportedly stolen and sold on the dark web.

Given these risks, it’s crucial that companies building charging stations take a thoughtful approach, incorporating strong security measures to prevent both current and future cyber threats. Drivers should also exercise caution when using cheaper charging stations, ensuring their vehicles are regularly updated with the latest software and restricting data connections to manual settings when possible.

The post EV Charging Stations vulnerable to cyber attacks appeared first on Cybersecurity Insiders.

Electric Vehicles (EVs) are often praised for their environmental benefits and cost-effectiveness, but there are concerns about their security. According to experts from Check Point Software, EV charging stations are highly vulnerable to cyberattacks. These attacks could lead to the theft of personal data from vehicles or, even worse, allow hackers to take control of the car and cause major disruptions.

Traditional internal combustion engine cars typically contain around 100-200 million lines of code, but EVs are even more complex. With more electronic control units (ECUs) added to manage Eco-friendly features, these vehicles rely heavily on internet connectivity to sync with cloud-based management platforms. This opens up new potential vulnerabilities.

Charging stations themselves are also susceptible to cyberattacks, as they are linked to critical energy infrastructure. Hackers could exploit these weaknesses to disrupt power supplies, causing temporary or even permanent blackouts.

According to Peugeot, over a million new EVs are expected to hit the roads in the U.S. and U.K., amplifying the security risks. If the global numbers are taken into account, the threat could grow exponentially, regardless of what oil-rich nations anticipate for the future of fuel.

These risks arise because charging stations often lack proper cybersecurity measures. Many have insecure internet connections, insufficient network segmentation, and fail to meet authentication and encryption standards, all while managing large amounts of energy.

Security researchers point out that these vulnerabilities could lead to high-profile attacks. For example, during the early days of the Ukraine war in 2022, a cyberattack on Moscow and St. Petersburg highways resulted in anti-Putin messages being displayed. Similarly, in the U.K., hackers took over charging station displays on the Isle of Wight, showing explicit content for an extended period.

A significant data breach also occurred in early 2024, when servers at Shell, which stored EV charging logs, were compromised. Sensitive user data was reportedly stolen and sold on the dark web.

Given these risks, it’s crucial that companies building charging stations take a thoughtful approach, incorporating strong security measures to prevent both current and future cyber threats. Drivers should also exercise caution when using cheaper charging stations, ensuring their vehicles are regularly updated with the latest software and restricting data connections to manual settings when possible.

The post EV Charging Stations vulnerable to cyber attacks appeared first on Cybersecurity Insiders.

LinkedIn Used by Scammers to Distribute Malware: A New Threat

LinkedIn, a leading platform for professional networking, is now being exploited by scammers to spread a malware known as Covertcatch. Mandiant, a security firm owned by Google, has uncovered that North Korean hackers are using LinkedIn to target individuals with fake job offers, leading them to download this malicious software.

The scheme is straightforward- scammers connect with potential victims, engage them in conversation, and then persuade them to download a file disguised as a Python Coding Challenge. While LinkedIn is a common target for various types of cybercrime, it’s noteworthy that many affected systems have been MacOS devices.

To combat these threats, LinkedIn is employing AI-based threat detection tools to alert users of potential risks. Despite these measures, some users still fall victim to these sophisticated scams.

Quishing Attacks Target Electric Vehicle Users

In addition to LinkedIn scams, there’s a rising threat known as “Quishing,” which affects electric vehicle (EV) users. As many EV charging stations offer QR codes for payment, fraudsters have begun placing counterfeit QR codes that redirect payments to their own accounts or lead users to fraudulent payment gateways. These fake QR codes can also download malware onto users’ devices.

With the increasing reliance on digital payments and QR codes, it’s essential to stay vigilant. Here are some tips to protect yourself from Quishing attacks:

    1. Inspect EV Stations: Check for any signs of tampering at charging stations before scanning QR codes for payment.
    2. Verify Payment Details: Ensure the banking name on the payment application matches the charging station’s information.
    3. Avoid Sensitive Data: Refrain from entering personal or banking details on unfamiliar or suspicious websites.
    4. Update Your App: Keep your EV charging app updated with the latest software patches.
    5. Report Issues: Immediately report any discrepancies to the charging station authorities and law enforcement.

By following these precautions, you can better safeguard yourself against these emerging threats.

What are your thoughts on these evolving cybersecurity challenges?

The post Malware spread via LinkedIn and EV Charging Stations prone to Quishing Attacks appeared first on Cybersecurity Insiders.

In recent times, much attention has been given to the potential risks of charging our smartphones from public USB ports found in places like airports, cafes, and rail transit stations. However, a fresh wave of warnings is now emanating from security analysts, urging electric vehicle (EV) users to exercise caution when using vulnerable public charging ports.

The adoption of Electric Vehicles (EVs) has gained substantial traction, particularly in Western countries such as the UK and various parts of Europe. This trend is further fueled by the UK government’s plans to phase out diesel and petrol cars in favor of EVs. Yet, concerns linger among experts who point out that many electric car manufacturers are not adequately addressing security vulnerabilities in their vehicles. Instead, the primary focus seems to be on enhancing speed and reliability to alleviate concerns about driving range limitations.

Noted security expert Jake Moore, affiliated with ESET, underscores the exponential growth of EV usage in recent years. However, he highlights a significant concern: the software employed in these vehicles harbors numerous vulnerabilities, providing hackers with ample opportunities to exploit such weaknesses.

Moore goes on to explain that most EV apps request sensitive information like email addresses, phone numbers, and even payment card details. These data are crucial for smooth transactions at toll gates and charging stations. Regrettably, the current state of security in these vehicles leaves them susceptible to data breaches. Hackers could potentially extract this information and sell it on the dark web.

The issue is compounded by the fact that charging stations can serve as entry points for hackers to gain access to vehicle information. They could manipulate the on-board technology, ultimately taking control of sensitive data. While these vehicles are connected to the internet for software updates, security patches are not as frequent, rendering them vulnerable to hacking attempts.

A recent incident that gained widespread attention involved a Belgian researcher hacking into a Tesla electric car via clever computer tactics. Another case, occurring in March 2023, saw a hacker infiltrating a car’s touchscreen display and broadcasting explicit content. Upon investigation, it was discovered that the electric car had been compromised at a public charging station nearly ten days earlier. A malware was introduced, enabling cybercriminals to remotely control the vehicle.

The post Now electric charging stations are vulnerable to hackers after public USB charging points appeared first on Cybersecurity Insiders.