" " indicates required fields
As the adoption of electric vehicles continues to grow, so do the concerns about the security of electric vehicle (EV) charging infrastructure. Cyber threats targeting EV charging systems are becoming increasingly sophisticated, posing a significant risk to both the safety of individuals and the stability of the energy grid. In addition, regulations surrounding EV charging are quickly evolving, with governments and industry bodies introducing new standards and requirements to ensure that charging infrastructure is resilient and secure.
In this blog post, we’ll explore the current state of cyber threats to EV charging systems, as well as the latest regulations and standards designed to protect this critical infrastructure.
It’s no secret that as more and more people switch to electric vehicles, the EV charging infrastructure is becoming a bigger target for cybercriminals, who are constantly looking for ways to exploit vulnerabilities, and unfortunately, there are quite a few vulnerabilities to exploit.
For example, cybercriminals can skim credit card information from EV charging stations, just like they can at conventional gas pumps or ATMs. That’s just the beginning – potential hackers can use cloud servers to hijack entire electric vehicle charger networks, causing massive amounts of damage and disruption.
Some of the main cyber threats to EV charging infrastructure include:
The potential consequences of cyber threats to electric vehicle charging infrastructure are significant and far-reaching:
As the importance of electric vehicle (EV) charging infrastructure grows, governments and industry organizations around the world are taking steps to ensure that charging stations are secure and reliable.
The UK is the 1st country to mandate EV charging regulations (The Electric Vehicles Smart Charge Points Regulations 2021), which went into effect in June 2022, as part of an overhaul of the country’s Building Regulations. The regulations ensure that charge points meet certain device-level requirements, enabling a minimum level of access, security, and information for consumers. On the security aspect, a charge point must be designed, manufactured, and configured to provide appropriate protection:
The National Institute of Standards and Technology (NIST) in the United States has developed a framework for improving critical infrastructure cybersecurity that includes guidelines for securing EV charging infrastructure. The European Union Agency for Cybersecurity (ENISA) has also published guidelines for securing EV charging infrastructure, focusing on areas such as access control, data protection, and incident response.
While these regulations and standards are necessary to ensure the safety and reliability of these systems, they create both opportunities and challenges for companies manufacturing EV charging equipment:
C2A Security’s DevSecOps platform is a fully automated TARA solution that empowers OEMs to address the challenges of merging security, compliance, and product innovation.
Interested in hearing more? Leave your details to schedule a demo with me.
CRO
C2A Security
VP and GM, Medical Technology
C2A Security
Ken Zalevsky brings over 20 years of medical device cybersecurity experience to his role at C2A Security, where he serves as VP and GM, Medical Technology, following the acquisition of Vigilant Ops in October 2025. A former Bayer executive, Ken founded Vigilant Ops in 2019 after witnessing the consequences of inadequate technical preparation in the healthcare industry. He is an active contributor to CISA’s SBOM working groups and a frequent speaker on software supply chain security. Ken’s mission: transform SBOM from a compliance checkbox into operational intelligence that keeps patients safe while streamlining regulatory processes.