The public transport operator in Norway’s capital said Tuesday that some electric buses from China have a serious flaw — software that could allow the manufacturer, or nefarious actors, to take control of the vehicle.
Oslo’s transport operator Ruter said they had tested two electric buses this summer — one built by China’s Yutong and the other by Dutch firm VDL.
The Chinese model featured a SIM card that allowed the manufacturer to remotely install software updates that made it vulnerable, whereas the Dutch model did not.
“We’ve found that everything that is connected poses a risk — and that includes buses,” Ruter director Bernt Reitan Jenssen told public broadcaster NRK.
“There is a risk that for example suppliers could take control, but also that other players could break into this value chain and influence the buses.”
Ruter said it was now developing a digital firewall to guard against the issue.
The national government said it was studying the issue.
“We want to thoroughly assess the risks associated with having buses from countries we do not have security cooperation with,” Transport Minister Jon-Ivar Nygard told NRK.
Yutong did not immediately react to a request for comment from AFP.
Ruter operates roughly 300 Chinese electric buses in Oslo and the surrounding area, but it was unclear if any of them had the security flaw.
Add Comment