The University of Oxford researchers have revealed a vulnerability in the Combined Charging System in electric vehicles (EVs) that may prevent it from charging.

The University of Oxford researchers, in collaboration with Switzerland and the UK’s Armasuisse federal agency, identified a novel attack method that let them remotely force EVs to abort charging.

The attack method dubbed  Brokenwire works by sending malicious signals wirelessly to the targeted vehicle to cause electromagnetic interference and hinder the charging process.

The attack explicitly targets the Combined Charging System DC rapid charging technology and prevents the charger and the vehicle from communicating.

In the demo video researchers share, it is seen that the car is 79% charged, and suddenly the Stop sign on the right side gets clicked, and the charging aborts, displaying the following error message:

“Charging error. Communication problem. Make sure car is turned off, then retry.”

Watch The Demo Video

What is CCS?

Combined Charging System (CCS) is among the many different standards used in the EV charging ecosystem. It basically helps in DC’s fast charging of the car. Various plug types are used for the USA and EU regions called Combo 1 and Combo 2.

However, both use the same technology to operate. Apart from EV charging, the EV and the EVSE (Electric Vehicle Supply Equipment) exchange messages regarding charging-related issues and max current, etc., using the link provided by the HomePlug Green PHY (HPGP) PLC (power-line communication) technology.

Hack Details

The research team tested HPGP modems commonly used in EVs and charging stations using a software-defined radio replete and a 1W RF amplifier on an antenna, which they made themselves. When they tested this kit on seven vehicles from different automakers using 18 DC high-power chargers, researchers realized the off-the-shelf gear aborted the charging process from around 10 meters away from the target having a power budget of 10 mW.

As one got closer, lesser power was required to initiate a 100% packet loss. Researchers didn’t exceed the 1W power output outside the lab testing to avoid violating national transmission regulations. They demonstrated that the attack was successful on all the different floors they tested on, and via perimeter fences and drive-by attacks were possible.

Brokenwire attack works only against DC rapid chargers, whereas home charging stations that generally use AC charging are not affected because of communication standard differences. Moreover, the attack interrupts the charging, and all the victim has to do to resume charging and disconnect and reconnect the EV. It doesn’t cause long-lasting damage and is instead an inconvenience.

More Remote Hacks

  1. 100s of Russian Building Controllers Can be Remotely Hacked
  2. Internet-Connected Car Hacked and DDoSed via Smartphone
  3. WinRAR vulnerability allowed attackers to remotely hijack systems
  4. $120 charging cable O.MG remotely steals data from Apple devices
  5. Using a laser on Alexa & Google Home hackers can unlock your front door

Posted by Charlie