The Power Grid Must Be Protected, But Are EV Charging Stations Secure?

GIUSEPPE SERIO

VP Market Development

February 23, 2023

The widespread adoption of electric vehicles (EVs) depends on a robust and reliable network of charging stations. However, as the number of EVs on the road increases, so does the scale and potential impact of attacking the charging infrastructure for utilizing it to cause public disruptions. 

In April 2022, researchers from the University of Oxford and Armasuisse S+T disclosed a new technique known as “Brokenwire”, which could potentially disrupt the ability to charge EVs on a large scale. The researchers revealed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale. The method interferes with the control communications that transpire between the vehicle and charger to wirelessly abort the charging sessions from a distance of as far as 47m (151ft). The attack works by disrupting the charging process of a targeted vehicle by transmitting harmful wireless signals. Specifically, this attack aims to interfere with the communication between the charger and the vehicle’s Combined Charging System DC rapid charging technology. As a result, the charging process is hindered and the vehicle may not be able to charge properly. The researchers explained that while it may only be an inconvenience for individuals, interrupting the charging process of critical vehicles, such as electric ambulances, could have life-threatening consequences. The researchers added that Brokenwire had immediate implications for many of the over 16.5 million EVs estimated to be on the roads worldwide — and profound effects on the new wave of electrification for vehicle fleets, both for private enterprise and for crucial public services.

 

Could Electric vehicle (EV) charging stations be used to interrupt the electric grid?

Electric vehicle charging stations may seem like harmless pieces of infrastructure, but when they are networked, they can become a potential tool for attackers to destabilize the local power grid. A single EV charging station alone cannot carry that great impact, but a network of charging stations can be weaponized by an attacker, drawing more power than the grid allotted them and causing instability in the form of fluctuations.

In one attack scenario, an adversary would utilize a large number of compromised EV charging stations to launch synchronized charging operations simultaneously. The objective is to destabilize the grid through a sudden increase in charging demands, which can lead to cascading failure and a drop in the system’s frequency.

Another attack scenario involves the reversal of electric flow back to the grid by discharging a large number of connected EVs through compromised EV charging stations. The Vehicle-to-Grid (V2G) technology that enables this feature is intended to support the grid when power is required, but attackers could exploit it. In this instance, synchronizing large-scale discharging operations destabilizes the power grid by causing a sudden growth in electric supply, disrupting the grid’s power demand/supply balance.

Lastly, an attacker could combine the two attack scenarios by alternating charging and discharging operations within a short period. Such an attack could cause sudden and switching frequency disturbances, leading to cascading failures. Here the grid doesn’t restore its frequency to normal, which may result in significant implications for continued operations and the restoration of power overall,

Given the potential risks, it is important for EV charging network operators and government agencies to take steps to safeguard against attacks and ensure the security of the electrical grid. This could include measures such as increased monitoring and control of charging stations, as well as the use of advanced cybersecurity technologies to prevent unauthorized access to the charging network. By taking these steps, it may be possible to minimize the risk of an attack and ensure that the benefits of EV charging stations are not outweighed by their potential downsides.

 

The entire EV ecosystem needs to adopt a proactive approach in protecting charging infrastructure

There are several entry points that can be used to access an electric vehicle (EV) charger and potentially be hack it and impact the grid:

  • Physical tampering: An attacker could physically tamper with the charger in order to gain unauthorized access to its systems or to manipulate its functionality.
  • Network vulnerabilities: If the charger is connected to a network, an attacker could potentially exploit vulnerabilities in the network to gain access to the charger.
  • Malware: An attacker could potentially introduce malware into the charger’s systems in order to gain access or manipulate its functionality.
  • Unsecured communications: If the charger uses unsecured communication protocols or does not have strong authentication and authorization controls, an attacker could potentially intercept the communications and gain access to the charger.
  • Charging network management system (CNMS): An attacker could gain access to a compromised CNMS could potentially use it as a foothold to launch a more significant attack on the electric grid.

 

To prevent these types of attacks, it is important for OEMs, EV charging station manufacturers and operators to implement robust EV charging-specific security measures to protect against unauthorized access and tampering. This includes using monitoring and detection to recognize anomalies that indicate threats, using secure communication protocols, implementing strong authentication and authorization controls, and regularly updating and patching the charger’s software to fix any vulnerabilities or security issues that are discovered.

Newsletter Icon

The 2025 Global Automotive & Smart Mobility Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Proactive Quality, Powered by AI: A New Era for Automotive Manufacturing

As global markets tighten and margins shrink, the automotive industry finds itself at a crossroads: how do we balance innovation with efficiency? Nowhere is this…

Read more

Beyond CVEs: Why Automotive Cyber Threat Intelligence Must Cast a Wider Net

The recent volatility of CVE funding is a wake-up call for the automotive industry to rethink its risk and threat intelligence strategy. In the world…

Read more

Agentic AI in Action – How Service-as-a-Software Is Reinventing Automotive Cybersecurity Operations

In my previous post, I explored the paradigm shift brought on by service-as-a-software and agentic AI – and what it means for the future of…

Read more

From Services to Software – What the Agentic AI Economy Means for Automotive Cybersecurity

We are at the dawn of a new era in software and service delivery – one where the traditional boundaries between human expertise and digital…

Read more
Skip to content