Hackers Could Abuse Electric Car Chargers To Cripple the Grid, Researchers Say

← Back to Stories (view on slashdot.org)

Hackers Could Abuse Electric Car Chargers To Cripple the Grid, Researchers Say

Posted by samzenpus on Thursday April 11, 2013 @09:28PM from the everybody-panic dept.

alphadogg writes "Hackers could use vulnerable charging stations to prevent the charging of electric vehicles in a certain area, or possibly even use the vulnerabilities to cripple parts of the electricity grid, a security researcher said during the Hack in the Box conference in Amsterdam on Thursday. While electric cars and EV charging systems are still in their infancy, they could become a more common way to travel within the next 10 years. If that happens, it is important that the charging systems popping up in cities around the world are secure in order to prevent attackers from accessing and tempering with them, said Ofer Shezaf, of HP ArcSight. At the moment, they are not secure at all, he said."

33 of 126 comments (clear)

Min score:

Reason:

Sort:

Fuses... by Joce640k · 2013-04-11 21:35 · Score: 4, Funny

I've just applied for a patent on a device I call a "fuse". You can put arrays of them in a thing I call a "fuse box". They prevent too much current from passing along a wire.

--
No sig today...
1. Re:Fuses... by Neil+Boekend · 2013-04-11 21:56 · Score: 4, Funny
  
  Is it web-enabled, cloud and smart? No? Then you ain't got nothing these days.
  
  --
  Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
2. Re:Fuses... by geekmux · 2013-04-11 22:19 · Score: 2
  
  Is it web-enabled, cloud and smart? No? Then you ain't got nothing these days.
  Yeah, you're right. All I'm left with is a lonely old-fashioned fuse box. So boring, yet so secure...
3. Re:Fuses... by Joce640k · 2013-04-11 22:28 · Score: 4, Funny
  
  Is it web-enabled, cloud and smart? No? Then you ain't got nothing these days.
  I've got a contact in Shenzhen who promises me they can provide a cloud-enabled controller for my fuse boxes at very good price.
  
  --
  No sig today...
4. Re:Fuses... by isorox · 2013-04-11 22:46 · Score: 4, Funny
  
  I've just applied for a patent on a device I call a "fuse". You can put arrays of them in a thing I call a "fuse box". They prevent too much current from passing along a wire.
  Can you sell them to the crew of the Enterprise? The number of exploding consoles they have...
5. Re:Fuses... by lxs · 2013-04-11 23:08 · Score: 3, Funny
  
  ZOMG power surge! #hardwork #itstoughbeingafuse
6. Re:Fuses... by Kilo+Kilo · 2013-04-11 23:10 · Score: 4, Funny
  
  How big are these "fuses"? Can a child choke on them? Yes? Well then, we're going to need to strictly regulate the sale and use of "fuses." And these "fuse boxes" are an important target for terrorists, so this will obviously fall under the DHS.
  
  What's that? No, I actually haven't seen a "fuse" in person, but I understand they have something to do with computers and the "world wide web."
7. Re:Fuses... by king+neckbeard · 2013-04-11 23:34 · Score: 4, Funny
  
  Unfortunately, the Treaty of Algeron prohibits the Federation from researching certain technology, including cloaking devices and fuses.
  
  --
  This is my signature. There are many like it, but this one is mine.
8. Re:Fuses... by Phase+Shifter · 2013-04-11 23:36 · Score: 3, Funny
  
  ." And these "fuse boxes" are an important target for terrorists, so this will obviously fall under the DHS
  Fuses are an essential component of bombmaking, so anyone who buys or sells them will be placed on the no-fly list.
9. Re:Fuses... by mysidia · 2013-04-11 23:46 · Score: 2
  
  Can you sell them to the crew of the Enterprise? The number of exploding consoles they have...
  The consoles are exploding, when they're at red alert, so they have engaged the battle short, or bypass of circuit protection, to maintain the availability of critical control systems in spite of battle damage, during the lifethreatening situation. :)
10. Re:Fuses... by OzPeter · 2013-04-12 00:07 · Score: 4, Funny
  
  Unfortunately, the Treaty of Algeron prohibits the Federation from researching certain technology, including cloaking devices and fuses.
  More disclosure is needed here .. that treaty also forbids seat belts.
  
  --
  I am Slashdot. Are you Slashdot as well?
11. Re:Fuses... by Joce640k · 2013-04-12 00:56 · Score: 2
  
  Can you sell them to the crew of the Enterprise? The number of exploding consoles they have...
  That smoke you see is the fuse doing its job correctly. How else could they repair them in time for next week's show?
  
  --
  No sig today...
12. Re:Fuses... by LoRdTAW · 2013-04-12 01:32 · Score: 5, Insightful
  
  Seriously. If this clown thinks that switching on multiple charging stations at once can cripple a grid he needs a course in basic electric system installation. This guy is just hyping up a non existent problem and turning it into "OMG terrorist hackers will cripple our country!" FUD. Its silly attention seeking.
  Example:
  If you had 10 chargers in a parking lot, each charger would have its own internal circuit breaker and the entire branch circuit that powers them all also must have a circuit breaker. Lets say the branch circuit can only support a maximum of 5 chargers at full power or a mix of low/high charge levels for all 10. If some "hacker" turned them all on at once guess what happens? The branch circuit breaker trips, problem solved. Even if there were 100 chargers, a breaker will trip and again problem solved.
13. Re:Fuses... by dj245 · 2013-04-12 01:49 · Score: 4, Funny
  
  Unfortunately, the Treaty of Algeron prohibits the Federation from researching certain technology, including cloaking devices and fuses.
  More disclosure is needed here .. that treaty also forbids seat belts.
  Seat Belts are a hazard when you need to get away from a console which will explode imminently.
  
  --
  Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
14. Re:Fuses... by Frontier+Owner · 2013-04-12 04:31 · Score: 2
  
  Seriously. If this clown thinks that switching on multiple charging stations at once can cripple a grid he needs a course in basic electric system installation. This guy is just hyping up a non existent problem and turning it into "OMG terrorist hackers will cripple our country!" FUD. Its silly attention seeking.
  Example: If you had 10 chargers in a parking lot, each charger would have its own internal circuit breaker and the entire branch circuit that powers them all also must have a circuit breaker. Lets say the branch circuit can only support a maximum of 5 chargers at full power or a mix of low/high charge levels for all 10. If some "hacker" turned them all on at once guess what happens? The branch circuit breaker trips, problem solved. Even if there were 100 chargers, a breaker will trip and again problem solved.
  its possible.
  We blow up a transformer somewhere in the neighborhood atleast once a summer. LA went thru rolling blackouts the last few years.
  Take system that is pushed to the max, everyone gets home at 1730hr and plugs in their car, BOOM. your in the dark till about 2000 hr waiting on the power company to go change a transformer. larger cities, better planned neighborhoods have multiple feeds and larger transformers.
  one thing I do think he missed is ohms law. sure, you can turn one on or off remotely, but turning one on while not plugged in doesn't draw much power. Just enough to run the circuitry. not enough to blow the grid up.
Stop the FUD by wbr1 · 2013-04-11 21:42 · Score: 4, Insightful

A hacker could just as concievably shut down the computer or payment system in a traditional gas station rendering it useless. Or disrupt the credit authentication system. Or a terrorist could bomb them.
Just because its an EV does not make it or its infrastructure any more or less succeptible to an attack of some kind. To say otherwise just discourages people from looking at it as an alternative and is FUD.

--
Silence is a state of mime.
1. Re:Stop the FUD by JaredOfEuropa · 2013-04-11 22:03 · Score: 5, Insightful
  
  Apparently there's adequate security on computers at gas stations and credit card companies. The point is that EV charging points do not have adequate protection, making them an obvious target. The same concern was voiced about smart meters / smart appliances, and experts claim that by switching a great many high power equipment (EV chargers, dryers, solar panel inverters) on and off in a certain coordinated way, one can seriously mess up the grid.
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
2. Re:Stop the FUD by Lumpy · 2013-04-11 22:31 · Score: 2
  
  Mostly because they all have cablemodems on them and use telnet with a root password of 12345
  "not secure" as in they dont have a armed guard near them? they are as secure as a power substation that if you simply start shooting out insulators can cause a LOT more problems with the electrical grid than 10 car charging stations could.
  
  --
  Do not look at laser with remaining good eye.
3. Re:Stop the FUD by Anonymous Coward · 2013-04-11 23:35 · Score: 2, Insightful
  
  "A few hundred million of such chargers"??? Wake me when there ARE a few hundred million EV smart chargers in the US. Once I get done celebrating I'll help you secure them.
  A large portion of EVs (including my Leaf) are recharged today using nothing more sophisticated than the brick that came with the car and a 120v outlet in the owner's garage.
4. Re:Stop the FUD by Nadaka · 2013-04-12 00:09 · Score: 2
  
  As someone who worked at a gas station in college while I was getting my cs degree? Your "insightful" mod is not appropriate. Their computers have abysmal security.
5. Re:Stop the FUD by Lumpy · 2013-04-12 00:59 · Score: 2
  
  Smart Charger.... you keep using that word.. I dont think it means what you think it means.
  "smart chargers" dont connect to the internet and then a global system for management. Smart charger means it knows how to stop charging and switch charging modes based on load draw and voltage spikes as well as feedback from the battery. If you think they put in an internect connection to every single "smart charger" I stringly suggest you actually read up on the subject.
  
  --
  Do not look at laser with remaining good eye.
Station security today? by geekmux · 2013-04-11 21:44 · Score: 2

When all one needs is a match to cause chaos at any one of the 100,000+ gas stations across the country, it seems rather strange that we're raising the physical security flag on this. Not saying he doesn't have a point, just seems to wash out when looking at what you could do today with so little.
My house is connected to the electrical grid, and yet for some reason (safety design perhaps?), I highly doubt I could take out a city block from my bedroom outlet.
I'd be more interested in knowing by gigaherz · 2013-04-11 21:46 · Score: 2

[...] in order to prevent attackers from accessing and tempering with them, [...]

temper /tempr/ Verb: Improve the hardness and elasticity of (steel or other metal) by reheating and then cooling it.
How does this relate to EV chargers and why would it be important to prevent people from using them for this task.
1. Re:I'd be more interested in knowing by gl4ss · 2013-04-11 23:11 · Score: 2
  
  well.. if there's free electricity you can use it for tempering, by using the electricity for heating them, if enough people are doing this then others can't charge their vehicles and they get stuck.
  and twenty years ago the same guy probably announced that we're doomed because protesters could go and set gasoline stations on fire and then people wouldn't have a place to go to get gasoline.
  
  --
  world was created 5 seconds before this post as it is.
Wrong venue by aquabat · 2013-04-11 22:03 · Score: 2, Insightful

I think you have accidentally posted this piece to the wrong site, sir. There are too many people here who have a clue for your tactic to work. I suggest you try "SeekingAlpha" or "Forbes", if you want to manipulate a market more effectively.

--
A republic cannot succeed till it contains a certain body of men imbued with the principles of justice and honour.
1. Re:Wrong venue by ub3r+n3u7r4l1st · 2013-04-12 00:52 · Score: 2
  
  Seeking Alpha is just now become Seeking Clicks..., authors get paid by the number of visits to their articles, so they churn out as many crap as they can with sensational titles, and as long as you click on it, cha-ching for them.
  
  --
  New Economic Perspectives
How appropriate by dkleinsc · 2013-04-11 23:03 · Score: 5, Interesting

A few days ago, Bruce Schneier launched the Sixth Movie Plot Contest, with the goal of creating catastrophic but plausible things that "cyberwarriors" and evil hackers could do to destroy America. There are some fascinating ones, that's for sure, but the real point is that if you try to defend against everything that could happen, you'll waste most of your efforts.

--
I am officially gone from /. Long live http://www.soylentnews.com/
Negative Astroturfing with spurious facts by rmdingler · 2013-04-12 00:01 · Score: 2

Readers not astonished.

--
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
Re:Simple Answer by budgenator · 2013-04-12 01:46 · Score: 2

The point is when the high capacity rapid chargers are widely deployed, if they all began rapid charging at the same time the voltage drop and current surge on the grid would cause an automatic circuit trip. Likewise if charging stations were all runnining by a staggered start, the grid's power stations would ramp up power output, then if you stopped charging all of the stations at the same times the power-sations would over-rev and automatically shut-down. Now consider if the grid sub-stations were hacked into and the trip-current levels on the circuit breakers were set too high, now you could blow out those hugh transformers at the sub-stations, and they aren't inventory items, they are custom made to order items, it can take months to replace 1, image trying to replace 100's! The Northeast blackout of 2003 affected 55,000,000 and the primary cause was a software bug in a single computer, imagine what could be accomplished as an act of war attack rather than an accident on a hot day. I'm not all that curious to see if a real-life version of the TV show Revolution can be created.

--
Apocalypse Cancelled, Sorry, No Ticket Refunds
Mad Libs by Enry · 2013-04-12 02:08 · Score: 2

Hackers could abuse ______ to _____ a/the ____.
Yes, yes... by sesshomaru · 2013-04-12 02:11 · Score: 2

We should stick with nice, safe, harmless gasoline.
Totally harmless...

--
"MIT betrayed all of its basic principles."
DOS on electric meters? by John+Jorsett · 2013-04-12 04:00 · Score: 4, Insightful

This brings to mind something else I've been wondering lately. Are the new electric meters that are going in capable of disconnecting service by remote command? If so, I'd think that would be an even jucier target for hacker disruption.
Many manufacturers need a license.... by TimO_Florida · 2013-04-12 04:06 · Score: 2

Many manufacturers need a license to put anything controllable on the Net. Devices need to be certified that they are not openly hackable or a danger sitting out there in the big wide world....