FT: Britain explores possibility of remote access to Yutong electric buses

The UK government is investigating whether hundreds of Chinese-made electric buses on British roads could be remotely deactivated, in the latest sign of concern about Beijing’s role in the country’s infrastructure.

Transport officials are working with the National Cyber Security Centre to assess whether Yutong, the world’s biggest bus maker, has remote access to the vehicles’ control systems for software updates and diagnostics, The Financial Times writes.

The probe follows an investigation in Norway that found Yutong buses could be “stopped or rendered inoperable” by the Zhengzhou-based company. Those findings have also prompted Denmark to launch its own review.

Yutong has supplied about 700 buses to the UK market, primarily in Nottingham, south Wales and Glasgow, operated by groups including Stagecoach and FirstBus.

The company is hoping to sell more vehicles in London, where it has developed a double-decker electric bus that meets the standards of Transport for London.

The Department for Transport said: “We are looking into the case and working closely with the UK’s National Cyber Security Centre to understand the technical basis for the actions taken by the Norwegian and Danish authorities.”

Ruter, Oslo’s public transport company, said last month that it had tested a new bus from Yutong and a three-year-old one from Dutch manufacturer VDL in an underground mine to check whether it could be hacked or used for intelligence purposes.

The Chinese company had remote access to its bus including the battery and power supply management system, Ruter found.

The VDL bus did not have the same remote access. “In theory, the [Yutong] bus could therefore be stopped or rendered inoperable by the manufacturer,” Ruter added.

Ruter said it could retain local control over the Chinese bus by removing its sim card as all connectivity passed through it.