Yutong responds to cybersecurity allegations: “Remote control technically impossible”
Yutong has rejected allegations from Norway’s Ruter that its new electric buses could be remotely accessed, calling the scenario “technically impossible”. Speaking to the German newspaper Berliner Zeitung — and reported also by trade agency Electrive — Yutong stated that such remote control is “technically impossible.” Reportedly, the company explained that while its vehicles feature […]
Yutong has rejected allegations from Norway’s Ruter that its new electric buses could be remotely accessed, calling the scenario “technically impossible”.
Speaking to the German newspaper Berliner Zeitung — and reported also by trade agency Electrive — Yutong stated that such remote control is “technically impossible.” Reportedly, the company explained that while its vehicles feature data connections for diagnostics and over-the-air software updates, there is no physical connection between the telematics unit (T-Box) and safety-critical systems like steering, propulsion, or braking.
Yutong: vehicle data are stored in Frankfurt
Yutong clarified that all vehicle data for the EU is stored on Amazon Web Services servers in Frankfurt, used exclusively for maintenance and performance optimisation, and protected by encryption and restricted access protocols.
The manufacturer also specified that over-the-air updates are conducted only with the operator’s explicit approval and are limited to comfort, interface, and diagnostic functions, without affecting vehicle control systems. Certain remote features, such as preconditioning cabin temperature, are managed entirely by local operators, with no direct access from Yutong.
In late October, Norwegian public transport operator Ruter had shared the results of a cybersecurity test of electric buses, conducted in an isolated mountain environment.
The trials, involving a new Yutong bus from China and a three-year-old VDL bus, identified potential risks linked to Over-The-Air software updates in modern buses. Ruter stated it is now implementing measures to secure the fleet and is coordinating with national authorities to define clear cybersecurity standards.
However, it must be stressed that these risks cannot be attributed to the origin of the product, but rather to technological innovation introduced in new generations of buses, which now incorporate OTA updates. This applies not only to Yutong models but also to other modern buses, as the OTA capabilities are also introduced on the new Mercedes eIntouro for instance.
