Key Takeaways
- Norway discovered Chinese-made electric buses could be remotely accessed and disabled from China
- Authorities removed SIM cards as an emergency measure, blocking updates
- Denmark is now checking its fleet of 262 Yutong buses for similar vulnerabilities
A routine security check in Norway has uncovered a critical vulnerability in Chinese-made electric buses that could allow remote shutdowns, sparking immediate action from Norwegian authorities and urgent investigations in Denmark.
Oslo’s public transport authority discovered during testing that Yutong electric buses could be accessed remotely from China, raising concerns the manufacturer could disable the entire fleet within seconds.
Norway’s Emergency Response
In response to the discovery, Norway’s transport authority Ruter took drastic action by removing SIM cards from the affected buses. This emergency measure blocks potential remote interference but also prevents essential software updates needed to maintain vehicle performance.
The finding has stunned European transport authorities, highlighting previously unknown cybersecurity risks in the continent’s growing electric vehicle infrastructure.
Denmark’s Security Scramble
Following Norway’s discovery, Denmark’s largest public transport provider Movia is now examining its own fleet of 262 Yutong electric buses. Officials are urgently determining whether these vehicles pose similar security threats.
Movia Chief Operating Officer Jeppe Gaard emphasized the broader implications, stating: “This is not a Chinese bus problem. It is a problem for all types of vehicles and devices with Chinese electronics built in.”
Manufacturer Response and Industry Concerns
Yutong defended its security protocols, asserting the company “strictly complies with the applicable laws, regulations, and industry standards.” The manufacturer stated that data is encrypted and used exclusively for vehicle maintenance and optimization, requiring customer authorization for access.
Danish civil protection agency Samsik confirmed no known cases of remote access have occurred but acknowledged that sensors, cameras, and microphones in modern vehicles create potential security risks that require careful management.
Broader Implications for European EV Market
The discovery comes as Chinese electric vehicle brands like BYD and XPeng expand aggressively across European markets, with BYD recently becoming the continent’s top-selling brand. Despite Norway’s world-leading EV adoption rates—over 97% of cars sold in 2025 were electric—the incident demonstrates that cybersecurity concerns are becoming unavoidable even in advanced markets.
As Europe accelerates its transition to electric transport, this security breach serves as a critical reminder that while clean energy represents the future, robust cybersecurity measures are equally essential for sustainable transportation infrastructure.
