A potential security threat has been uncovered in the UK, raising concerns about the remote control of Chinese-made electric buses. The ability to remotely deactivate these buses mid-transit has sparked an investigation, leaving many questions unanswered.
The UK government, in collaboration with the National Cyber Security Centre, is examining whether Yutong, a Chinese bus manufacturer, has remote access to software updates and diagnostics for the control systems of their vehicles. This follows an investigation in Norway, which revealed the existence of a "kill switch" within Yutong's buses.
With approximately 700 Yutong buses operating on British roads, predominantly in Glasgow, Nottingham, and south Wales, the potential impact of this security loophole is significant. The concern extends to other Chinese bus manufacturers like BYD, which has a substantial presence in the UK with over 2,500 buses, including more than 1,000 in London.
Yutong has developed a double-decker electric bus specifically designed to meet Transport for London's standards, and the company has even unveiled a red version of this bus. However, the Department for Transport has acknowledged the recent speculation surrounding electric bus manufacturers and has stated that they are taking the matter seriously, working closely with intelligence agencies to assess and mitigate potential risks.
The intervention by British authorities was prompted by a letter from Euan Stainbank, the Labour MP for Falkirk, and Jim Allister, the TUV MP for North Antrim, who urged the buses minister, Simon Lightwood, to investigate. The MPs expressed their concern about the potential security risk posed by the number of Chinese-manufactured electric buses on UK roads, highlighting the possibility of remote access and exploitation of control systems while the buses are in transit.
Euan Stainbank and Jim Allister called for an urgent investigation into the operation and numbers of existing Chinese buses in the UK, as well as the prospect of Chinese manufacturers disabling these buses remotely. In response, Yutong stated that they strictly adhere to applicable laws and industry standards and that the data collected is solely for vehicle maintenance and improvement purposes, protected by encryption and access control measures.
Transport for London clarified that they do not have Yutong buses in operation and that any buses entering service in London must meet their rigorous technical requirements and undergo extensive testing. Sir Iain Duncan Smith, a Conservative MP and former party leader, went further, stating that Chinese-made buses should not be on UK roads at all, citing concerns about their use as listening devices and the mandatory cooperation of Chinese companies with their government's data requests.
This issue has sparked a debate about the potential risks associated with Chinese technology and infrastructure, leaving many to wonder: In an era of increasing technological integration, how can we ensure the security and privacy of our critical systems? And what steps should be taken to address these concerns without compromising our transportation needs and infrastructure development?
