Application Security Specialist at Kaspersky Lab
Dmitry has been doing security research of distinct small and big devices for over 5 years. Now he is an Application Security Specialist at Kaspersky Lab, where he continues to satisfy his curiosity about different hardware and software bugs. His sphere of interests covers Industrial Control Systems, automotive devices, IoT devices, and many others.
We will charge you. How to [b]reach vendor’s network using EV charging station.
During the past five years, number of electric vehicles (EVs) in private use increased up to 2 million or even more. It is understandable that home EV charging stations become more and more popular. Consumer market requirements call for new features to be implemented. Consumerism dictates: blows and whistles like Wi-Fi and Bluetooth in any devices attracts customers. However, some features like remote charging control can render charging stations vulnerable to different types of attacks.
This talk is focused on the research of one of the EV chargers intended for SOHO usage. It contains different wireless interfaces as well as mobile application for remote control. During our research, we have found multiple security issues that could provide remote adversary an ability to take control over charger and possibility to compromise vendor’s backend infrastructure.