Disrupting the power grid via EV charging: The impact of the SMS Phishing attacks

Abstract Electric vehicle (EV) is a paradigm shift for automotive, power industries, and people. EV penetration increases due to environmental concerns. Growing demand shows that reliable smart grid integration is essential to successful EV adoption. EV adds various stochastic processes to the smart grid management ranging from consumer behavior, the vehicle type to battery state of charge. As with every new technology, EVs introduce new security concerns both for the power grid and charging infrastructure. Having a holistic view and understanding consumer behavior is important to address security issues. Regulative bodies and researchers consider cyber-threats and provide security architecture for EV charging systems. However, phishing attacks and their impact on the system have been overlooked up to now. In this study, we investigate how people’s charging behavior can be guided to disturb EV connected grid with mobile phone SMSs, so-called SMiShing attacks. We demonstrated the attack on the IEEE European Low Voltage Feeder Test System. Simulation results show that SMiShing attacks targeting the EV system may result in disruptions on the power system and should not be overlooked for reliable EV transition.

[1]  Chadi Assi,et al.  A Detailed Security Assessment of the EV Charging Ecosystem , 2020, IEEE Network.

[2]  Siddharth Garg,et al.  IoT-enabled distributed cyber-attacks on transmission and distribution grids , 2017, 2017 North American Power Symposium (NAPS).

[3]  Thomas Peyrin,et al.  Security challenges in automotive hardware/software architecture design , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[4]  Cristina Alcaraz,et al.  OCPP Protocol: Security Threats and Challenges , 2017, IEEE Transactions on Smart Grid.

[5]  Ning Zhang,et al.  Smart electric vehicle charging: Security analysis , 2013, 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT).

[6]  Tanya L. Brewer,et al.  Symposium on federally funded research on cybersecurity of Electric Vehicle Supply Equipment (EVSE) , 2020 .

[7]  Ezer Osei Yeboah-Boateng,et al.  Phishing, SMiShing & Vishing: An Assessment of Threats against Mobile Devices , 2014 .

[8]  Jong Hyuk Park,et al.  S-Detector: an enhanced security model for detecting Smishing attack for mobile computing , 2017, Telecommun. Syst..

[9]  Saraju P. Mohanty,et al.  Toward the Vision of All-Electric Vehicles in a Decade [Energy and Security] , 2019, IEEE Consumer Electronics Magazine.

[10]  Vikas Chandan,et al.  Methodologies for effective demand response messaging , 2015, 2015 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[11]  W. H. Kersting,et al.  Radial distribution test feeders , 1991, 2001 IEEE Power Engineering Society Winter Meeting. Conference Proceedings (Cat. No.01CH37194).

[13]  Qian Hu,et al.  The Prediction of Electric Vehicles Load Profiles Considering Stochastic Charging and Discharging Behavior and Their Impact Assessment on a Real UK Distribution Network , 2019, Energy Procedia.

[14]  Ankit Kumar Jain,et al.  Rule-Based Framework for Detection of Smishing Messages in Mobile Environment , 2018 .

[15]  Edgar R. Weippl,et al.  Grid Shock: Coordinated Load-Changing Attacks on Power Grids: The Non-Smart Power Grid is Vulnerable to Cyber Attacks as Well , 2017, ACSAC.

[16]  Ramesh Karri,et al.  Cybersecurity of Smart Electric Vehicle Charging: A Power Grid Perspective , 2020, IEEE Access.

[17]  Lei Wu,et al.  A Risk-Based Optimization Model for Electric Vehicle Infrastructure Response to Cyber Attacks , 2018, IEEE Transactions on Smart Grid.

[18]  Riccardo Mariani,et al.  An overview of autonomous vehicles safety , 2018, 2018 IEEE International Reliability Physics Symposium (IRPS).

[19]  Mustafa Bagriyanik,et al.  The Effect of SMiShing Attack on Security of Demand Response Programs , 2020, Energies.

[20]  Justin Cappos,et al.  Uptane: Security and Customizability of Software Updates for Vehicles , 2018, IEEE Vehicular Technology Magazine.

[21]  Ramesh Karri,et al.  Public Plug-in Electric Vehicles + Grid Data: Is a New Cyberattack Vector Viable? , 2019, IEEE Transactions on Smart Grid.

[22]  K. S. Kuppusamy,et al.  SmiDCA: An Anti-Smishing Model with Machine Learning Approach , 2018, Comput. J..

[23]  Ramana Rao Kompella,et al.  PhishNet: Predictive Blacklisting to Detect Phishing Attacks , 2010, 2010 Proceedings IEEE INFOCOM.

[24]  Cristina Alcaraz,et al.  Addressing Security in OCPP: Protection Against Man-in-the-Middle Attacks , 2018, 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[25]  Mohammad Ilyas,et al.  The PEV security challenges to the smart grid: Analysis of threats and mitigation strategies , 2013, 2013 International Conference on Connected Vehicles and Expo (ICCVE).