Home | My Feed | Saved Stories | About | Privacy
Back

Transport Canberra Initiates New Investigation into Chinese Electric Bus Cybersecurity

Show me the source 1 Sources
Generated on: Last updated:

Investigation Launched

Transport Canberra has initiated a new investigation into its fleet of Chinese-made electric buses due to escalating cybersecurity concerns.

International Concerns

Reports from British media indicate that the UK's National Cyber Security Centre and Department for Transport identified that Yutong electric buses could be remotely disabled from China via a "kill switch." The Norwegian transport operator Ruter raised a similar issue in November.

Australian Context

Yutong electric buses are extensively used in Canberra, with the ACT government procuring 90 vehicles in 2023 as part of its zero-emissions initiative. These buses are also deployed on a smaller scale in New South Wales and Queensland.

Transport Canberra's Response

Transport Canberra previously investigated this matter last year and reported no security vulnerabilities were found. Executive group manager Jeremy Smith stated to the ABC, "At the moment, we don't have a concern." He added that given recent observations from Europe, they have re-engaged with Digital Canberra to re-examine the issue and assure the community.

VDI Australia, Yutong's Australian distributor, informed Transport Canberra that the buses operating in Australia differ from the European models. Mr. Smith confirmed that Australian buses do not support "over-the-air" updates from Yutong; instead, updates are applied by mechanics in workshops. He noted that while there is connectivity, it is primarily for monitoring bus performance.

Cybersecurity Expert's View

Alastair MacGibbon, chief strategy officer at CyberCX and a former cybersecurity advisor to Prime Minister Malcolm Turnbull, expressed concerns regarding Chinese electric vehicle imports. He stated that the risk increases with each vehicle added that is manufactured in, and potentially controlled by, a state with differing national interests. MacGibbon highlighted potential risks such as:

  • Degrading safety features.
  • Altering braking systems.
  • Disabling lights at night.
  • Overfilling batteries, potentially leading to overheating or explosion.

MacGibbon asserted that the steps taken by Transport Canberra do not mitigate the threats identified in overseas Yutong buses. He argued that it is irrelevant if Transport Canberra uploads the software, as they would not review every line of code or understand its function. He described the situation as "sleepwalking into a larger threat to our national interest."

Yutong's Statement

Yutong has consistently stated its commitment to vehicle data security and customer privacy, affirming compliance with data protection laws. A company spokesperson clarified in November that Yutong vehicles in Australia "do not support remote control of acceleration, steering, or braking signal."

Current Status

Transport Canberra's Yutong bus fleet will continue to operate while the new investigation proceeds.