Upstream Security, a provider of cloud-based cybersecurity detection and response platform for mobility and automotive, has announced its partnership with chargeIQ, a provider of end-to-end software-as-a-service (SaaS) platform and technology (from IoT to cloud) for user-centric management of charging infrastructure.
ChargeIQ will deploy Upstream’s solution to monitor and detect threats against EVSE as well as the entire charging ecosystem, including charging points and stations (OCPP, OCPI, OICP, etc.), backend systems, and charging-related mobile apps.
Based on Upstream’s 2023 Global Automotive Cybersecurity Report, which uncovers emerging automotive and smart mobility cybersecurity risks and how they impact the entire smart mobility ecosystem, for the first time in 2022 attacks against EV charging points and infrastructure accounted for 4% of total incidents.
Yoav Levy, Upstream Security CEO and co-founder: “The ramp-up in EV adoption is driving the widespread buildout of charging points and stations globally. EV charging services and applications store sensitive data such as user account information and payment details, making them attractive targets for hackers. We’re also seeing hackers using ransomware to lock down charging stations, making them inaccessible until a ransom is paid. These hacking attempts damage the reputation of all involved – from the charging station operator, EV OEMs, that often bundle home charge points with the initial purchase of EVs, to the broader EV industry.”
Volker Fricke, co-founder and CTO of chargeIQ: “The EV charging ecosystem requires a holistic cybersecurity approach that expands beyond basic monitoring. In Upstream we found a strategic partner to help us safeguard our platform against malicious attacks that have the power to jeopardize charge points and stations, EVs and entire electric fleets. Upstream introduced the holistic EV charging detection and response (XDR) platform and threat intelligence solutions, which enable us to deliver peace-of-mind to our customers.”
The Purpose-Built Detection Platform for the EV Charging Ecosystem
Upstream platform is purpose-built to monitor and protect various mobility assets across the EV charging ecosystem, focusing on OCPP, OICP and OCPI, as well as other telematics and API-based data streams. With an agentless architecture, the Upstream platform requires no software or hardware footprint, ensuring flexibility and fast time-to-security. The platform effectively monitors all EV charging assets (including charging-related API transactions), creating a digital twin that reflects the individual state of each charging station, server, and companion application user. Based on the digital twin and advanced ML modules, the platform detects suspicious anomalies such as unauthorized attempts to inject malicious code to charging infrastructure, attempts to access private user data or to configure a high charging current to damage the charging infrastructure or even destabilize the electric grid (e.g. excessive ‘start-charging’ commands that might compromise electrical infrastructure).
Coupled with Upstream’s AutoThreat® PRO threat intelligence solution, which provides threat intelligence based on findings from the deep and dark web, EV charging stakeholders can implement a holistic and proactive approach to secure EV charging assets and ensure the integrity of charging infrastructure.