US Creates Draft Cybersecurity Laws For Charging EV Vehicles

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

In the face of the Biden administration’s large push towards EV vehicles, US agencies are racing to create cybersecurity guidelines and rules to prevent EV equipment from being hacked.

The Biden administration is pushing for over half of the car sales in the US to be electric by 2030, which puts pressure on government agencies and companies to create secure solutions and create adequate guidelines for keeping consumers safe.

The National Institute of Standards and Technology released a new set of draft laws, calling for companies that build charging networks to implement secure cybersecurity software and practices in their products.

“Now people can point to this and say, ‘OK, let’s start here. We can conduct all of our subsequent cybersecurity analysis and mitigation based on what’s provided in this,’” said Jim McCarthy, a senior security engineer at NIST.

Currently, the charging networks have fairly large vulnerabilities, as outlined by a recent analysis of 12 EV charging products. Researchers found massive security flaws that exposed information like credentials, usernames, and passwords. In some cases, hackers were even able to manipulate information.

Hackers are able to infiltrate these charging networks to steal customer data and even damage the grid the charging dock uses.

The largest concern is malware being spread through the electric charging ports, which could take down the charging network or further spread malware into smart cars.

“If somebody can’t charge their car at the time they need to because of some malware or some sort of cybersecurity attack, that’s a big problem,” states McCarthy.

The NIST also recommends EV charging networks to use firewalls and antivirus software and protect themselves through data encryption as well as using logging tools to help identify any potential breaches.

The NIST has opened comments up to the public until Aug 28, when they’ll then begin finalizing their guidelines.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."