While modern electric vehicles are tested for vulnerabilities, some of their accessories, such as the battery chargers, often remain neglected.
Kaspersky Lab experts have discovered that electric vehicle (EV) chargers supplied by a major vendor carry vulnerabilities that can be exploited by cyber attackers, and that the consequences of a successful attack could include damage to the home electricity network.
All an attacker needs to do to change the amount of electricity being consumed is obtain Wi-Fi access to the network the charger is connected to. Since the devices are made for domestic use, security for the wireless network is likely to be limited.
This means that attackers could gain access easily, for example by brute-forcing all possible password options, which is quite common. According to Kaspersky Lab’s statistics, 94% of attacks on IoT in 2018 came from Telnet and SSH password brute-forcing.
Once inside the wireless network, the intruders can easily find the charger’s IP-address. This will allow them to exploit any vulnerabilities and disrupt operations.