Authorities in Denmark are urgently studying how to close an apparent security loophole in hundreds of Chinese-made electric buses that enables them to be remotely deactivated.
The investigation comes after transport authorities in Norway, where the Yutong buses are also in service, found that the Chinese supplier had remote access for software updates and diagnostics to the vehicles’ control systems – which could be exploited to affect buses while in transit
Over the air updates and remote diagnostics are both things that are sold as features and are often even requested by the transportation companies.
To be honest I am a bit surprised that they are surprised this exists.
To be completely honest: there are even ECE regulations regarding software updates over the air.
This is nothing new and nothing special. Almost all vehicles these days are connected to their manufacturer.
Also regarding deactivating this „feature“. It is usually quite simple, just unplug the connectivity ECU.
Guess they didn’t request this feature. Not this way at least