The debate about a “kill switch” in Lockheed Martin’s F-35 Lightning II stealth fighter jets was hardly over when a new worry is pestering Europe. Do Chinese electric buses plying across multiple cities in Europe come with a similar “kill switch” that allows Beijing to deactivate them remotely?
In the last month, multiple European countries, including Denmark, the Netherlands, and Norway, have launched probes into whether hundreds of Chinese electric buses running on European roads could be brought to a standstill by Beijing.
The latest to join this growing list of countries is the UK, which has launched an official investigation into Chinese electric bus manufacturer Yutong, one of the largest suppliers of electric buses to the country.
According to a Financial Times report, officials at the UK’s Department for Transport (DfT) are working with the National Cyber Security Centre (NCSC) to determine whether Yutong can access the control systems of its vehicles in the UK for software updates and diagnostics.
Around 700 Yutong buses are currently in operation across the UK, used by well-known groups including Stagecoach and First Bus. Those two companies alone are thought to have more than 200 buses each.
Notably, the company is also seeking to expand into London’s market with a newly launched double-decker electric model designed to meet Transport for London (TfL) standards.
Meanwhile, according to a local Australian media outlet, Region Canberra, the Australian government has launched a similar probe into Yutong buses.
In a separate development, Israel has reportedly begun confiscating Chinese electric cars given to senior IDF officers, amid fears of espionage, data leaks, and national security threats linked to potential unauthorised Chinese government access.
The spate of probes by European countries and Australia comes after a similar investigation by Norway found Yutong buses could be “stopped or rendered inoperable” by the Zhengzhou-based company.
So, did Norway actually find a “kill switch” on Yutong buses?
Norway Probe Results Into Chinese Electric Buses
Norway’s capital, Oslo, had rolled out hundreds of Chinese Yutong electric buses as part of its clean-energy transition.
Last month, Norway launched a probe into its Yutong bus fleet. The probe discovered that China could remotely access these buses and render them inoperable within seconds.
Yutong retained remote access to the bus’s battery and power management systems, unlike a comparable vehicle from Dutch manufacturer VDL, the probe by Norwegian transport operator Ruter found.
The issue was over-the-air (OTA) updates, which provide the manufacturer with remote access and, theoretically, could enable remote shutdowns.
Ruter, however, said there was no evidence Yutong had ever attempted to control or disable its vehicles, but warned the capability existed in theory.
“This bus can be stopped or rendered inoperable by the manufacturer,” the agency said in its report. The risk could be mitigated by removing its SIM card to cut connectivity.
However, removing the SIM card will prevent future software updates and can interfere with the vehicle’s smooth functioning.
So, at least according to the Norway probe, there is a “kill switch” in Chinese electric buses that can be activated remotely by Beijing.
Yutong’s Clarification
There is still debate over which features can be accessed through over-the-air updates.
British company Pelican Bus and Coach, which acts as Yutong’s sole distributor in the UK, said that Yutong “fully understands and highly values the public’s concerns regarding vehicle safety and data privacy protection”.
Last week, Ian Downie, head of Yutong sales for Pelican, said the remote control systems could be used for comfort-based needs, such as AC scheduling, but not for acceleration, steering, or braking.
Downie added, “All software updates are controlled by Pelican with manual physical access only to the vehicles, with prior written authorisation by customers.”
VDI Australia, the local distributor for Yutong in Australia, also provided a similar clarification: while over-the-air update capability exists, all software updates on Australian buses are carried out manually, not remotely.
“While Yutong vehicles have ‘over-the-air’ capability, VDI’s practice in Australia is to perform vehicle software updates physically at our authorised service centres, with customer consent – not remotely,” the spokesperson said.
Yutong also stressed its commitment to cybersecurity.
“Yutong always prioritises vehicle data security and the protection of customer privacy, and fulfils its commitments to cybersecurity management for vehicles and data protection with high standards,” a company spokesperson said.
Is The Problem Specific To Chinese Vehicles?
Over-the-air (OTA) update capability exists in many modern vehicles and is not specific to Chinese buses or cars.
Many automobile companies worldwide, including Tesla, Ford, BYD, BMW, and GM, offer OTA capabilities. These OTA capabilities can differ widely in scope, from limited updates to the infotainment system, Air Conditioners, navigation maps, and ADAS, to remote engine freezing in rare cases.
In many cases, arrangements are made for prior customer authorization before any software updates are installed. In other cases, despite the theoretical OTA capability, software updates are applied only manually at physical stores.
However, many car manufacturers pre-fit cars with engine-starter interrupt devices and GPS trackers. In the event of vehicle theft or if the customer fails to pay car loan installments, the car engine may be seized.
These devices are often referred to as “payment assurance devices.”
Many starter interrupt devices require a borrower to enter a code provided by the dealer each month, after they’ve made an on-time payment. If the payments are missed, the lender can remotely shut off the car’s starter and then use the device’s GPS to track down the vehicle and repossess it.
Many American cars come with such devices.
The point was noted by Denmark’s largest public transport company, Movia, even as it launched a probe into Chinese electric buses.
The issue of remote access is not unique to Chinese manufacturers, Movie said, adding that many electric vehicles (EVs), including those from Western companies, allow software updates via remote connectivity.
So, why the selective outrage over the so-called “kill switch” in Chinese vehicles?
It seems the issue is more political than technical and is intricately linked to the long history of Chinese apps, communication devices, and electronics that have been blacklisted over spying concerns and alleged links to the Chinese government.
Chinese Equipment Banned Over Espionage Fears
There are several notable examples of governments banning or restricting Chinese-made products from military installations or networks, after citing risks of espionage, data leaks, or national security threats.
In 2017, the U.S. Department of Defense (DoD) restricted the use of Huawei and ZTE equipment in military networks and communications systems, based on U.S. intelligence assessments that the equipment could be used to spy on sensitive U.S. military installations.
Furthermore, in 2018, the Pentagon ordered the removal and ban on the sale of Huawei and ZTE mobile phones and devices from retail outlets on U.S. military bases worldwide, due to concerns that these products could enable Chinese espionage through embedded backdoors or data-transmission capabilities.
In 2018, the Australian government also banned Huawei and ZTE from supplying equipment for its National Broadband Network (NBN), including military communications infrastructure, following advice from the Australian Security Intelligence Organisation.
The decision stemmed from fears that the equipment could enable Chinese intelligence agencies to access sensitive defense networks and conduct cyber espionage.
Following the US and Australia’s ban on Huawei and ZTE, the Japanese government also halted the procurement of Huawei and ZTE telecommunications equipment for its defense ministry’s networks and military bases.
The UK government ordered the removal of Huawei equipment from its 5G networks by 2027, explicitly including military and defense-related telecom systems.
The decision to ban Huawei from the UK’s 5G networks in 2020 followed scrutiny of the company’s links to Beijing and fears its equipment could be used for espionage. The decision delayed the country’s 5G rollout and is thought to have cost the UK at least £500 million (US$653 million).
National security laws in China require all citizens and organisations to help Beijing if required. Additionally, Ren Zhengfei, Huawei’s founder and chief executive, served in the People’s Liberation Army (PLA) for almost a decade before founding the company.
In 2022, the US banned the import and sale of surveillance cameras from Chinese firms Hikvision and Dahua for use in government buildings, including military facilities, citing their potential for espionage.
Furthermore, under the American Security Drone Act, federal agencies, including the Department of Defense (DoD), are prohibited from procuring or operating Chinese-made drones starting in December 2025 due to vulnerabilities that could enable remote hacking or the transmission of data to China for surveillance purposes.
Apart from Chinese telecom devices, drones, and surveillance cameras, the US has also imposed bans on Chinese apps such as TikTok, semiconductors from Chinese chipmaker Semiconductor Manufacturing International Corporation (SMIC), and Chinese-manufactured solar power inverters.
Even in the UK, concerns have been raised about Huawei’s dominance in solar panel manufacturing.
The US has also cited potential electronic espionage as the basis for restricting the use of new Chinese cargo terminal cranes at U.S. ports.
According to Carnegie Endowment for International Peace, “China’s access to data and control of software and connected technology in the United States provides Beijing with potential tools to conduct espionage; influence politics; and, in extreme cases, attack critical infrastructure, commercial, and government networks inside the United States.”
Experts have also noted that Chinese autonomous cars driving on U.S. roads collect substantial, detailed information about their surroundings. Even Chinese-made subway or rail cars contain sophisticated sensors that could be used for espionage.
Israel has reportedly started seizing Chinese electric cars given to IDF officers over fears of illegal data collection.
One major concern is that Chinese companies are subject to legal regimes that could compel them to cooperate with Chinese defense and intelligence services.
Clearly, the latest investigations into Chinese electric buses are not an exception but add to the long list of Chinese equipment facing bans and restrictions over fears of espionage, hacking, data transfers, and illegal access.
When such restrictions are initiated by the US, Beijing often rejects them as American propaganda and insecurities stemming from strategic competition with China. It remains to be seen how China responds to the latest probes by European countries.
