UK Investigates Remote Kill Switch Risk On Chinese Made Electric Buses

The UK government has launched a security investigation into a reported vulnerability that could allow hundreds of Chinese-made electric buses to be remotely deactivated mid-transit. Officials are collaborating with the National Cyber Security Centre to scrutinise whether Yutong, a leading Chinese bus manufacturer, maintains remote access to the software and control systems of their vehicles.

Concerns have been fuelled by a recent investigation in Norway, where authorities discovered that Yutong had the capability to trigger a so-called “kill switch” while buses are in operation. The Danish government has responded by conducting a rapid review of Yutong buses following these revelations. Approximately 700 Yutong electric buses are currently in service across the UK, concentrated in cities such as Glasgow, Nottingham and regions in south Wales. Rival manufacturer BYD supplies nearly 2,500 buses domestically, including a significant fleet in London. Yutong has also developed a double-decker electric bus for the capital, debuting a specially designed model last month.

The Department for Transport emphasised its commitment to national security, confirming active engagement with intelligence agencies to assess and mitigate potential threats. The current review is intended to understand the technical reasoning behind the actions taken by Norwegian and Danish authorities and to determine any implications for the UK’s public transport network.

Parliamentary pressure has mounted, with Labour’s Euan Stainbank and TUV’s Jim Allister urging transport minister Simon Lightwood to commission an urgent review into both the scale and the operational risk posed by Chinese-manufactured buses. The MPs expressed concern that remote access could render the UK’s public transportation susceptible to exploitation or disruption, with calls for local authorities and operators to urgently assess their fleets.

Yutong responded to the scrutiny by stating the company “strictly complies with the laws, regulations and industry standards of every country where its vehicles operate”. The manufacturer insists that all vehicle data is encrypted, access is tightly controlled, and no data can be reviewed without customer consent, in compliance with EU data protection regulations.

Transport for London clarified that its fleet does not currently include Yutong buses and reiterated the rigorous technical and security standards imposed on any new vehicles entering service in the capital. Political voices such as Sir Iain Duncan Smith have spoken out against reliance on Chinese bus manufacturers, citing concerns about state-mandated involvement and potential data security risks. As scrutiny intensifies over supply chain security, the unfolding investigation could have significant ramifications for future procurement decisions and public trust in the sector.