Electric cars are an essential component of a lower-carbon future, but a new report from researchers at the New York University Tandon School of Engineering raises the specter that plug-in electric vehicles—and the charging stations that supply them—could be prime vectors for cyberattacks on urban power grids.
“In simulations using publicly available information about charging station usage in Manhattan and the structure of the island’s power grid, our research team found that a fleet of just roughly 1,000 simultaneously charging electric vehicles would be adequate for mounting an attack whose effects could rival the blackout that affected the city’s West Side last month,” said Yury Dvorkin, assistant professor in NYU Tandon’s Department of Electrical and Computer Engineering.
NYU Tandon doctoral candidate Samrat Acharya led the research in collaboration with Dvorkin and Professor Ramesh Karri, also from the Department of Electrical and Computer Engineering.
“This simulation is a wake-up call to the public and policymakers, and an encouragement to take steps to protect the data generated between electric cars and charging stations—most of which could be co-opted by a hacker with college-level skills,” Dvorkin said.
Electric vehicle charging stations represent a link between plug-in electric vehicles and the power grid—a high-wattage access point that hackers can potentially exploit to manipulate the grid. Each vehicle that uses a public charging station generates data on its location and charging time, along with information on the average hourly power draw at each station. Information on power usage is critical for a malicious actor who wishes to manipulate demand at a particular charging station. This information is easily accessible, as it is transmitted wirelessly by third-party apps that cater to electric vehicle owners.