With the buying price of gas traveling to near report heights, business owners may be considering option methods of industrial transportation.
A recently available study by Hartford Water Boiler (HSB), a Munich Reorganization, found that 15% of small and medium-size organizations (SMBs) had leased or acquired electric cars (EVs) for industrial use. While EVs can undoubtedly help organizations counteract the chance of volatile gas prices, they cannot come without risks.
There was one common concern among the SMBs who’d added EVs for their service fleets. More than three-quarters (76%) said these were concerned about the cybersecurity of EVs and the prospect of community EV charging stations being targeted by hackers, ransomware, and different cyberattacks.
“When discussing cars of all kinds, there are a handful of methods that a hacker might get in,” said Timothy Zeilman, vice leader of HSB. “One is through Wireless or Wi-Fi, another is through something which gets attached to the cars via diagnostic locations, and a next way is by getting into the manufacturer’s machines that communicate with and offer updates to vehicles.
“Those kinds of exposures occur for generally all modern vehicles. But for EVs, you’ve got that additional use of community charging stations, where energy and information can also be exchanged. That generally provides an additional possible way in for hackers.”
Plug-in electric chargers communicate with EVs through an internet connection, and safety authorities have informed these techniques could be hacked. This is regarding SMBs, many of whom (46%) told HSB these were fairly or very worried about the cyber exposures and safety of internet attached and automated vehicles.
To date, in North America, cyber exposures linked to EV charging stations will be in the fingers of researchers, analysts, and bright hat hackers, who’ve established the risks through controlled testing. There have not been any significant situations attributed to poor actors.
Nevertheless, in new days, there have been studies of EV charging stations on a European motorway being hacked and impaired by a Ukrainian organization, and then produced to show anti-Putin messages. Wherever there’s motivation – in this instance, hackers want to undermine and oppress Vladimir Putin’s subsequent Russia’s intrusion of Ukraine – the chance has developed from possible to reality.
For the SMB owners and managers concerned about the cybersecurity of EV charging stations, unfortunately, there’s not a lot that they can do on an individual basis to mitigate their risk, according to Zeilman. The safety of the charging stations is usually under the control of the individual organizations that build and own them.
“With traditional IT, the master has lots of control within the safety [of their systems and devices] and whether or not they use endpoint safety software, firewalls, back-ups, and all those traditional points [that are deemed] most readily useful methods,” said Zeilman.
“But with EVs, you have much less ability to customize the safety on your vehicle – that’s largely controlled, if not entirely controlled by the manufacturer of the vehicle – and you have number ability to impact the safety of people charging stations, there’s not a lot that the owner of the vehicle or fleet of cars may do to mitigate the safety risks.
“To a specific level, if you can avoid community EV charging stations, and most cost your cars at home or your organization premises, I think that’s one step that may be taken to mitigate those risks.”
Beyond the risks of using community EV charging stations, 44% of SMB owners and managers responding to the HSB poll said they are anxious that malware or another cyber attack may damage or destroy their card information, software, or running systems.
Many of them (56%) said they’re fairly or very concerned their cars could be immobilized or produced inoperable, their safety affected (54%), and that a hacker can talk and face them around their audio system (43%).
One large insurance question linked to this revolves around whether there’s insurance below traditional guidelines, like industrial vehicle insurance, that could apply and respond to these risks.
“I don’t think you’re going to locate specific insurance for these cyber risks [but] you may find insurance for the effects of them,” Zeilman told Insurance Business. “For instance, ifas of the cause. But when a car was alternatively impaired or had its features decreased in some manner because of a crack, I don’t believe you’re going to locate insurance for that type of issue below a standard industrial vehicle policy.
“One interesting question will be: if the fleet owner also has an industrial cyber policy, could you discover insurance below that policy? And I think the easy solution is that there’s perhaps not going to be specific coverage. Usually, you’re perhaps not going to locate industrial cyber insurance that claims: ‘We affirmatively protect the cars you own.’ But I also believe many industrial cyber insurance forms are probably extensive enough that you could be able to locate some insurance […] if you appear hard enough.”
Insurers and risk managers often mention these kinds of EV cyber risk situations, and, according to Zeilman, SMB owners and managers are to be concerned.
“It is certainly caused by a possible risk at this time, while we need to see evidence that whenever folks are effectively encouraged, it’s anything that truly can be moved out,” said Zeilman. “But when I was a small company, I wouldn’t allow that hold me straight back if going to EVs produced feeling in all the other factors that I was weighing.
“It is my expectation, and undoubtedly my trust, that EV manufacturers, owners of EV charging section systems, and the insurance business may all conform to the increasing threat environment, particularly if we begin viewing true events, so the response is likely to be ample, both from a protected area and from a chance move and insurance area as well.”