Norway at Risk: Chinese Electric Buses Can Be Remotely Disabled Due to Serious Security Vulnerability
In Norway, concerns have escalated over a critical security flaw found in Chinese-manufactured Yutong electric buses used in public transportation networks.
The leading transport operator Ruter revealed that internal tests confirmed the possibility of remote access to the buses’ control systems, which could lead to their shutdown or immobilization at any moment.
Such a vulnerability poses an unprecedented threat to the stability of the country’s public transport system, as malicious actors could potentially seize control of the fleet, causing widespread disruptions.
According to Ruter, the manufacturer has direct digital access to each bus for software updates and diagnostics, which, if misused, could be exploited to interfere with bus operation.
Although Yutong officials assured that the data is encrypted and stored in Germany, this did not quell concerns among Norwegian and neighboring Danish authorities, who are now reassessing their cybersecurity risks related to transportation fleets.
In response, Norwegian experts are implementing measures such as firewalls and stricter security protocols for future procurement, and collaborating with government agencies to develop national safety standards.
This incident underscores the hidden dangers of integrating foreign technology into critical infrastructure without adequate oversight, highlighting the potential for significant national security impacts if such vulnerabilities are exploited.