-rw-r--r-- updates/2017/e-motor.en.md 88
1 files changed, 88 insertions, 0 deletions
diff --git a/updates/2017/e-motor.en.md b/updates/2017/e-motor.en.md
new file mode 100644
index 00000000..3b0aff81
--- /dev/null
+++ b/updates/2017/e-motor.en.md
@@ -0,0 +1,88 @@
1title: Chaos Computer Club hacks e-motor charging stations
2date: 2017-12-27 00:43:00
3updated: 2017-12-27 07:19:45
4author: 46halbe
5tags: update, pressemitteilung
6previewimage: /images/NFC-Karten-Analysewerkzeuge9.jpg
7
8Currently, the infrastructure for charging electronic vehicles is rolled out in Germany – once again without paying much attention to IT security. The convenient charging cards are currently so insecure that it is not advisable to use them. It is trivially possible to charge your car while having someone else unknowingly being forced to pay. Nearly all charging cards are affected by this vulnerability. Charging network providers that issue these cards have refused to fix the security problems, despite being given several months pre-warning. The details of the vulnerabilities will be presented in detail today at the 34th Chaos Communication Congress at 12:45 in Leipzig.
9
10<!-- TEASER_END -->
11
12Electric cars are recharged at an electric vehicle charging station
13instead of a gas pump. The stations usually offer a three-phase current
14connector, through which the necessary charging performance is achieved.
15In public spaces charging operations are sometimes deducted from
16charging cards by the operators. A number is stored on these charging
17cards, which the charging station uses to identify the customer.
18Unfortunately, this number is completely public and can be copied as
19often as desired. Therefore, it is possible to easily clone a charging
20card.
21
22„The operators have not implemented basic security mechanisms“, said CCC
23member Mathias Dalheimer who will explain the details of the hack today
24at 34C3. „This is as if I would pay with a photo copy of my debit card
25at the discounter − and the cashier accepts it.“
26
27The communication between charging stations and the billing back-end is
28not protected as well. The card number is transmitted without encryption
29directly to the provider. Little technical effort is necessary to
30intercept this communication to harvest customer card numbers. With
31these numbers it is possible to either forge charging cards or – even
32more simple – simulate charging events. Using this method a provider of
33charging stations can easily inflate its revenue.
34
35The charging stations themselves are also insecure. Most stations allow
36manipulations of their configuration and firmware updates via USB stick.
37Since this update mechanism is frequently insecure – like with KEBA
38models – arbitrary code can be inserted into the charging station. By
39this method an attacker for example can make charging free for all or
40can harvest customers' card numbers to make charges at their cost.
41
42Customers will have a hard time to proof these types of misuse.
43Especially when roaming, when their charging card is accepted at the
44station of a different provider, the settlement of fees happens much
45later. Weeks can pass before the misuse of their charge card number is
46noticed. The providers of the charging networks have acknowledged the
47problems but see no reason to take action. „New Motion“, for example,
48said that they do not know of misuse cases and that their customers
49should please take a look at their billing statement. \[0\] A change to
50a more suitable method of payment is not planned, so customers currently
51are forced to live with this inacceptable situation.
52
53We demand:
54
55- The security of the charging stations has to be raised to the state
56 of the art.
57- Charging station operators must offer secure payment methods to
58 their customers.
59- The payment data has not only to be protected within one charging
60 cycle, but also when roaming between different charging operators as
61 well.
62
63 
64
65**Links**:
66
67\[0\] [Statement of „New
68Motion“](https://www.goingelectric.de/forum/oeffentliche-ladeinfrastruktur/ladekarten-sind-unsicher-wie-man-auf-fremde-rechnung-laedt-t27590-50.html#p628169)
69(German)
70
71\[1\] More technical details and
72videos: <https://schwarzladen.gonium.net/> (German)
73
74\[2\] Electric car
75simulator: [https://evsim.gonium.net](https://evsim.gonium.net/)
76
77\[3\] Videos on Youtube:
78
79<https://youtu.be/0-AjgT8oqt8>
80
81<https://youtu.be/HWfHfctN66U>
82
83<https://youtu.be/nL3cDfzAIC0>
84
85<https://youtu.be/pUEp3uWAWqY>
86
87\[4\] Live-Streaming: [Information on streams and
88videos](https://events.ccc.de/congress/2017/wiki/index.php/Static:Streams)
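
Review bot: The English wording needs a proofreading pass before publication, starting with the teaser on line 8 of the new file, where "electronic vehicles" should be "electric vehicles" and "The details of the vulnerabilities will be presented in detail" repeats itself. Further down, line 27 "not protected as well" should read "not protected either", line 42 "to proof" should be "to prove", line 51 "inacceptable" should be "unacceptable", and the third demand (lines 59-61) stacks "not only ... but also ... as well". The quotations on lines 22-25 and the provider name on line 47 use German „…“ marks in the .en file; English quotation marks would be consistent with the file's language. Only link \[0\] is referenced from the body (line 49), while \[1\] to \[4\] are listed without any citation; either reference \[1\] where the card cloning and station firmware issues are described, or present the remaining entries as a plain further-reading list. Line 63 holds only whitespace and can be dropped.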