With the worldwide push to stamp out the internal combustion engine and push electric vehicles; a research study on how to thwart the charging process of EVs was introduced. University of Oxford researchers in the UK, in collaboration with Switzerland and the UK’s Armasuisse federal agency, identified a novel attack method that let them remotely force EVs to abort charging. The attack method called Brokenwire works by sending malicious signals wirelessly to the targeted vehicle to cause electromagnetic interference and hinder the charging process. The attack explicitly targets the Combined Charging System DC rapid charging technology and prevents the charger and the vehicle from communicating.
In the demo video researchers share, it shows that the car is 79% charged, and suddenly the Stop sign on the right side gets clicked, and the charging aborts, displaying the following error message: “Charging error. Communication problem. Make sure car is turned off, then retry.” If you cannot charge your vehicle, it won't work.
What is CCS? Combined Charging System (CCS) is among the many different standards used in the EV charging ecosystem. It basically helps in DC’s fast charging of the car. Various plug types are used for the USA and EU regions called Combo 1 and Combo 2. However, both use the same technology to operate. Apart from EV charging, the EV and the EVSE (Electric Vehicle Supply Equipment) exchange messages regarding charging-related issues and max current, etc., using the link provided by the HomePlug Green PHY (HPGP) PLC (power-line communication) technology.
Attack Details: The research team tested HPGP modems commonly used in EVs and charging stations using a software-defined radio replete and a 1W RF amplifier on an antenna, which they made themselves. When they tested this kit on seven vehicles from different automakers using 18 DC high-power chargers, researchers realized the off-the-shelf gear aborted the charging process from around 10 meters away from the target having a power budget of 10 mW.
As one got closer, lesser power was required to initiate a 100% packet loss. Researchers did not exceed the 1W power output outside the lab testing to avoid violating national transmission regulations. They demonstrated that the attack was successful on all the different floors they tested on, and via perimeter fences and drive-by attacks were possible.
Brokenwire attack works only against DC rapid chargers, whereas home charging stations that generally use AC charging are not affected because of communication standard differences. Moreover, the attack interrupts the charging, and all the victim has to do to resume charging and disconnect and reconnect the EV. It doesn’t cause long-lasting damage and is instead an inconvenience.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
Source: https://www.hackread.com/brokenwire-attack-electric-vehicle-charging-remotely-disrupt/
Comments