There was one common concern within SMBs that added EVs to service fleets. More than three-quarters (76%) say they are concerned about EV cybersecurity and the potential public EV charging stations to be targeted by hackers, ransomware and other cyberattacks.
“When talking about all kinds of vehicles, there are several ways hackers can get in,” said Timothy Zeilman, vice president of HSB. “One is via Bluetooth or Wi-Fi, the second is to connect to the vehicle via the diagnostic port, and the third is to connect to the manufacturer’s server that communicates with the vehicle and provides updates.
“These types of exposure are basically present in all modern vehicles, but in the case of EVs, we can make more use of public charging stations where not only electricity but also data is exchanged. Basically provides hackers with additional potential ways. “
Plug-in chargers communicate with EVs over internet connections, and security experts warn that these systems could be hacked. This is related to SMBs, many (46%) telling HSB that they are somewhat or very concerned about the cyber exposure and safety of Internet-connected and automated vehicles.
Read next: Cyber insurance: major loss factors and how to mitigate them
So far, in North America, cyber exposures associated with EV charging stations are in the hands of researchers, analysts, and white hat hackers who have proven risk through controlled testing. No serious incidents have occurred due to malicious persons.
However, in recent weeks there have been reports that EV charging stations on Russian highways have been hacked and disabled by a Ukrainian company, displaying a message against Putin. If motivated, in this case, hackers are trying to weaken and hostile Vladimir Putin following Russia’s invasion of Ukraine. Risk has evolved from possibility to reality.
Unfortunately, for SMB owners and administrators concerned about cybersecurity in EV charging stations, there isn’t much that can be done on an individual basis to mitigate the risk, according to Zeilman. Charging station security is typically under the control of the private organization that builds and owns the charging station.
“Traditional IT gives owners great control over security. [of their networks and devices] Whether you are using endpoint protection software, firewalls, backups, and all of them traditional [that are deemed] “Best practice,” said Zeilman.
“But with EVs, the ability to customize the security of the vehicle is greatly reduced. This is largely controlled, even if not completely controlled by the vehicle manufacturer. Also, public charging. Nor can it affect the security of the station. There are many things that vehicle or fleet owners can do to mitigate security risks.
“If you can avoid public EV charging stations to some extent and charge your car mainly at home or at work, I think that’s one step to mitigate those risks.”
In addition to the risks associated with using public EV charging stations, 44% of SMB owners and administrators who responded to the HSB survey said that malware and other cyberattacks damaged vehicle data, software, or operating systems. Or he says he is afraid of being destroyed.
Most of them (56%) have the potential to get the vehicle stuck or inoperable, compromised safety (54%), and hackers can communicate or confront through the audio system. He said he was somewhat or very concerned about (43%).
read more: Top 10 US Cyber Insurance Providers in 2022
One big insurance question related to all of this revolves around whether insurance covers traditional insurance, such as commercial car insurance, which applies and addresses these risks.
“I don’t think we can clearly cover these cyber risks. [but] You may find coverage of those results, “Zeilman said. Insurance business. “For example, if a malicious person controls a vehicle and causes an accident, I think the consequences of the accident will be covered. [by commercial auto insurance] Regardless of the cause. However, if the vehicle is instead disabled or its functionality is compromised in some way due to hacking, I don’t think it’s possible to find coverage for such things under standard commercial vehicle policies. ..
“One of the interesting questions is, if the fleet owner also has a commercial cyber policy, is it subject to that policy? And the simple answer is that there is no explicit coverage. I think. In general, you won’t find commercial cyber coverage that says, “We actively cover the vehicles you own.”But I also think that many commercial cyber coverage forms are probably wide enough that you might be able to find some coverage. […] If you look hard enough. “
These types of EV cyber risk scenarios are frequently discussed by insurers and risk managers, and according to Zeilman, SMB owners and managers have the right to worry.
“At this point, it’s almost always a potential risk, but if people are properly motivated, we’re starting to see evidence that it’s actually feasible,” Zeilman said. .. “But if I’m a small business, it doesn’t hinder me if moving to EV makes sense with all the other considerations I was considering.
“EV manufacturers, EV charging station network owners, and the insurance industry all expect to be able to adapt and respond adequately to the growing threat environment, especially when they begin to see real events. ., From the security aspect as well as from the risk transfer and insurance coverage aspects. “
Electric Vehicle Cybersecurity: Business Owners Worried About Risks
Source link Electric Vehicle Cybersecurity: Business Owners Worried About Risks