SaiFlow's Blog

Featured

SaiFlow and CrowdStrike Partner to Secure EV Charging Sites and Energy Networks

SaiFlow and CrowdStrike join forces to deliver energy-contextual threat detection and unified SIEM visibility for EV charging and distributed energy networks

Latest insights and industry updates

image of a traffic control center (for a mobility and transportation)

May 2023 Security Advisory for ABB Terra AC Charging Station

On May 17, 2023, ABB published an advisory for CVE-2023-0863 & CVE-2023-0864, an Authentication Bypass and Plaintext Communication vulnerabilities.
image of a traffic control center (for a mobility and transportation)

Free Vending Mode Security Best Practices

Threat actors could abuse Free Vend functionality to perform energy theft by abusing the CSMS of public and private EV fleet charging sites.
image of a traffic control center (for a mobility and transportation)

NEVI Program Cybersecurity Requirements

Understand NEVI cybersecurity requirements to enhance your offering and maximize your site’s NEVI scoring criteria with Saiflow's platform.
image of a traffic control center (for a mobility and transportation)

How Mishandling of WebSockets Can Cause DoS and Energy Theft

The SaiFlow Research Team recently discovered a flaw in the implementations of management systems for Smart EV charger points (Charging Stations Management Systems – CSMS) allowing attackers to cause Denial of Services (DoS) and perform energy theft.
image of a traffic control center (for a mobility and transportation)

Hijacking EV Charge Points to Cause DoS

Cyber attackers can disable EV Charge Point and cause DoS, by exploiting Open Charge Point Protocol (OCPP). The attack method combines two new vulnerabilities that were found...