Cyberattacks targeting electric vehicles (EVs) are now a real threat both in Europe and Finland. In Drivalia Lease Finland’s video podcast, Check Point’s cybersecurity expert Jarno Ahlström emphasizes that an EV is a complex IT system requiring special attention to security. This is particularly important for corporate users, who need to be vigilant about which applications and passwords they use within the vehicle’s data systems. A new EU security regulation mandates cybersecurity measures for all new vehicles.
The cybersecurity of EVs used in business settings has become a crucial topic, and as Ahlström from Check Point Software Technologies notes, it’s well recognized. The technology used in EVs is constantly evolving, introducing new security risks. Today’s car functions like a computer, with over 100 electronic control units and up to 200 million lines of code—significantly more than an F-35 fighter jet, which has only about a quarter of that.
For companies with fleet vehicles, safeguarding the data systems of EVs is just as essential as securing other IT systems. Protecting EVs and their systems is critical, as cyberattacks are inevitable if defenses are not taken seriously. In practice, securing an EV is as important as securing computers at home or work.
EU’s New Cybersecurity Regulation for EVs
An EU regulation enacted in July requires all new vehicles to incorporate cybersecurity mechanisms, such as system protections and attack detection systems.
“Regulation is now on track, but real-world implementations will take more time,” Ahlström comments.
Vulnerabilities and Risks with Charging Stations
EV cybersecurity risks include signal interception, system vulnerabilities, and security issues at charging stations. Ahlström points out that manufacturers are already addressing these threats, but companies must ensure their vehicle fleets are protected with up-to-date software and security systems.
Integrating EVs into Corporate Cybersecurity Practices
For companies, EV cybersecurity should be viewed as part of a comprehensive cybersecurity strategy, including timely software updates and responding to manufacturer recalls. Vesa Kalske, Commercial Director at Drivalia Lease Finland, highlights that the company supports clients with brand-specific inquiries through a broad partner network.
Corporate users should also be mindful of the apps they use within vehicle systems and the credentials they enter. Although individual drivers may have limited control, their actions still play a role. As EV systems become increasingly integrated with company email and other systems, it’s critical to prioritize password management.
“Using company email on the vehicle’s display calls for a new level of discussion on security policy within companies,” Ahlström concludes.
Regulation is now on track, but real-world implementations will take more time.
Jarno Ahlström, Check Point Software Technologies Tweet
Using company email on the vehicle’s display calls for a new level of discussion on security policy within companies
Jarno Ahlström, Check Point Software Technologies Tweet