The uptake of electric vehicles is currently being pushed by governments all over the world, especially in the U.S and around Europe. The European Union has voted to ban the sale of all ICE vehicles by 2035 and aims to have 30 million electric vehicles on the road by 2030. In the U.S, the Biden administration is also aiming to increase charging infrastructure all over the country. California has been one of the first states to ban the sale of petrol-powered vehicles by 2035.
As countries around the world are looking to foster EV adoption, the industry is facing a new challenge: cybersecurity. Although our EVs are part of a huge solution to reduce our environmental impact, given the connected nature of most vehicles and their reliance on power grids, they are often vulnerable to cyber-attacks.
A recent study made by Deloitte Canada highlighted that 84% of cyber-attacks on vehicles were done remotely, and 50% of all attacks were done in the past two years. This indicates that we can expect to see cybersecurity issues rise even more in the next few years. The report showed an incident of an industry leader in the CASE vehicle marketplace that had 25 of their company’s vehicles remotely accessed by a teenage hacker. The hacker determined each of the vehicle’s locations, whether a driver was in the vehicle and most significantly, ran commands remotely.
Most recently, researchers at Synactiv have discovered vulnerabilities within Tesla’s that would enable them to distract the driver with some annoying tactics and potentially turn the car on and off and steer the wheel.
EV systems often rely on Wi-Fi and cellular data in order to provide real-time updates in navigation and optimal route planning which leaves certain systems vulnerable to cyber-attacks. Furthermore, an entire eco-system of public charging stations can be linked to power grids when drivers are not charging at home, which creates an entirely new entry for security breaches. Many different scenarios could occur however, an EV driver could be subject to data alteration, insertion of malware and unauthorized access to private information.
To protect EV drivers from these ever-growing cybersecurity threats, EV makers will need to strategically plan how to protect their entire eco-system. This is from home charging, EV communication systems and local charging infrastructure.
Companies will need to begin integrating automated security systems into the design of the vehicles to manage user logins and access. This will reduce the number of touchpoints for users and in turn, limit the overall attack surfaces that EV ecosystems create. Additionally, automakers will need to utilise security by design. Through adapting security protocols to use encrypted data instead of a simple “username” and “password”, this will ensure that firmware failures will not occur.
Most importantly, transparency is key across the whole industry. Regulations should be made to ensure the necessary communication is made so that all security measures are supported by all those that are involved.
EVs are becoming more and more common on our roads, and therefore, a cybersecurity roadmap is crucial to keeping cars and its users safe whilst on the road. We must protect our electric vehicles from vulnerability as we usually would with any laptop or computer in our homes. To help maximise EV protection, OEM’s, governments and technology companies must work together.
