Critical infrastructure is one of the main targets for malicious actors. Due to the
crucial dependencies of public services on electric power, all components of the
power generation and distribution process are of great interest to adversaries.
Electric power distribution infrastructure keeps developing and offering new ser-
vices to its users. The development process involves the addition of new automa-
tion mechanisms, software, and hardware components. These developments come
at the cost of the increased attack surface and new security challenges. Electric
Vehicle charging networks are not an exception. Their nature imposes a highly
automated operations model with minimum human supervision. Application Pro-
gramming Interfaces are often used to control and monitor electric charging sys-
tems. It is a software intermediary used for communication between decoupled
computer programs. An Application Programming Interface may become subject
to cyberattacks and proper threat intelligence is therefore important. This work
develops a prototype of a web Application Programming Interface honeypot, mim-
icking an operational Electric Vehicle Charging Network management system. The
study proposes a proof of concept prototype, deployed in the Amazon Web Ser-
vices cloud, using automation tools. The contribution of the research is an afford-
able and scalable web Application Programming Interface Honeypot system, that
can be used by small and middle-size Electric Vehicle Charging Network operators
to collect valuable threat intelligence. The honeypot is a first step towards under-
standing the attack patterns against charging networks in order to build effective
defense mechanisms.