-
16:40
-
13:00
-
17:00
-
16:00
-
10:20
-
10:00
-
09:30
-
16:20
-
15:00
Follow us on Facebook
Cybersecurity alert: Hundreds of European buses remotely controllable from China
Norway has uncovered a major cybersecurity vulnerability: around 850 electric buses built by the Chinese manufacturer Yutong can be remotely controlled or disabled by the company — a discovery raising serious concerns across Europe.
The revelation came after tests conducted by Ruter, Oslo’s public transport operator, showed that Yutong buses contained SIM cards allowing remote access. Through these, the manufacturer could potentially halt operations or shut down vehicles at any time, posing a strategic risk to national infrastructure.
The investigation, carried out in underground facilities to block external signals, compared a Chinese Yutong model with a Dutch VDL bus. The latter had no remote software access, while Yutong’s bus was found to include a system capable of updating software and controlling the battery and power supply remotely.
Although the buses cannot be driven remotely — they lack cameras and road-marking sensors — experts warned that the ability to cut power or disable systems could disrupt public transport “in seconds” if exploited.
Ruter has since announced new firewall protections and stricter cybersecurity requirements for future tenders. If needed, the buses can be disconnected from the Internet by removing the SIM card.
Despite these revelations, Norway’s government is not planning to halt purchases of Chinese buses. “There will likely be more orders,” admitted Transport Minister Jon-Ivar Nygård, citing environmental commitments that require all new public buses to be zero-emission as of 2025.