MaDEVIoT: Cyberattacks on EV Charging Can Disrupt Power Grid Operation

This paper examines the feasibility of demand-side cyberattacks on power grids launched via internet-connected high-power EV Charging Stations (EVCSs). By distorting power grid frequency and voltage, these attacks can trigger system-wide outages. Our case study focuses on Manhattan, New York, and reveals that such attacks will become feasible by 2030 with increased EV adoption. With a single EVCS company dominating Manhattan, compromising a single EVCS server raises serious power grid security concerns. These attacks can overload power lines and trip over-frequency (OF) protection relays, resulting in a power grid blackout. This study serves as a crucial resource for planning authorities and power grid operators involved in the EV charging infrastructure roll-out, highlighting potential cyberthreats to power grids stemming from high-power EVCSs.