In the effort to combat climate change, the Biden administration is urging carmakers to transition to electric vehicles. However, the National Institute of Standards and Technology (NIST), the main U.S. agency for technology and competition, is emphasizing the need for cybersecurity guidelines in the EV industry to protect against both domestic and international hacking.
The newly drafted guidance from NIST specifically focuses on the security of digital payment systems on ultrafast charging networks and EV equipment connected to the power grid.
Without proper cybersecurity guidelines for EV charging stations, companies run the risk of connecting equipment that may be vulnerable to hackers. Megan Samford, Chief Product Security Officer for energy management at Schneider Electric, which manufactures EV charging equipment and other devices connected to electric grids, likens this situation to “Bring your own device to the grid.”
Security researchers have warned of the potential for hackers to breach EV charging networks and compromise customer data or even cause blackouts by manipulating the electric grid. As the U.S. and Europe strive to increase electric vehicle adoption, the rush to produce more EVs raises concerns that cybersecurity could be overlooked. In April, the Biden administration proposed stricter car emissions targets and called for EVs to make up 50% of new vehicle sales by 2030.
While the 2021 U.S. infrastructure law allocated $7.5 billion in funding for the expansion of EV charging stations, the security guidance provided to states at the time only recommended “appropriate” cybersecurity strategies without clear specifications. NIST has been developing more specific voluntary cybersecurity steps since last fall, providing a starting point for companies to analyze and address their cybersecurity needs.
A recent analysis by Sandia National Laboratories identified security flaws in 12 EV charging products, including exposed usernames, passwords, and credentials that could be manipulated by hackers. NIST emphasizes the need to consider the common cybersecurity risks in both the operational technology and information technology systems involved in EV charging.
The most concerning cyber threat highlighted by NIST is the potential for malware to infect EV charging equipment and spread throughout charging stations, leading to disruptions in the charging process. To mitigate such risks, NIST recommends implementing encryption, firewalls, antivirus software, and extensive logging tools for forensic analyses following cyberattacks.
NIST is currently accepting public comments on the guidelines until August 28, after which they will be finalized.
Contact Catherine Stupp at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
