The UK’s Office for Product Safety and Standards (OPSS) suspends sales of Wallbox’s Copper SB electric vehicle charger, for failing to comply with the current cybersecurity regulations and laws. The company can sell the affected charger until June 30.

The sales of Wallbox’s popular Copper SB electric vehicle charger have been suspended due to concerns that it could be exploited by foreign hackers. The UK’s Office for Product Safety and Standards (OPSS) has determined that this model does not meet the required cybersecurity standards, representing a threat to the nation’s electricity grid.

Priced at around £500, the Copper SB charger has raised alarms for its potential vulnerabilities, which could allow hostile nations to disrupt critical UK services. While Wallbox has sold nearly 40,000 electric car chargers in the UK, it remains unclear how many of these are Copper SB models. However, there will be no recall for units that have already been installed.

The charger, which can be controlled via smartphone, is internet-connected and can draw 22 kilowatts from the UK’s energy supply. The British regulator is concerned that potential software vulnerabilities will allow hackers to access thousands of these chargers at the same time, exposing the national grid to a demand for tens of megawatts.

We highlighted the growing cybersecurity threats facing EV charging infrastructure and the need for a more proactive approach, from both private companies and regulators. The surge in electric vehicle adoption has not only been a boon for environmental sustainability but also a magnet for cybercriminals eyeing the expanding network of EV chargers.

From skimming credit card information to hijacking entire networks via cloud servers, the potential for damage and disruption is enormous. Malware and ransomware attacks, as well as unauthorized access, and denial-of-service, are all possibilities. These potential vulnerabilities highlight the importance of leveraging automated risk management and security by design methodology, throughout the product lifecycle.

With the UN Regulation No. 155, the ISO/SAE 21434 standard, and other regulations across the US, China, and Europe going into effect, the mandate for a secure and compliant mobility ecosystem for software-defined products has never been clearer.

Take Your Next Steps With C2A Security

C2A Security offers the only risk-driven DevSecOps platform vendor that addresses the specific needs of car makers, Tier 1 suppliers, and mobility companies. Our DevSecOps platform is trusted by partners and customers such as BMW Group, Siemens, Valeo, ThunderSoft, Marelli, NTT Data, and Evvo Labs, among others. Schedule a meeting to explore how we can assist your team.