Norway has launched a cybersecurity review after public transport operator Ruter discovered that electric buses supplied by Chinese manufacturer Yutong contained hidden SIM cards enabling potential remote access.

According to Ruter, internal tests at a secure facility found Romanian SIM cards inside the buses, theoretically allowing the Chinese supplier to shut down vehicles or interfere via software updates. The transport operator stressed there is no evidence of misuse but said the discovery moves concerns “from suspicion to concrete knowledge”.

Ruter has removed the SIM cards and is strengthening procurement rules, internal firewalls, and cloud-security requirements to ensure full local control over transport operations.

Norway’s Minister of Transport Jon-Ivar Nygård told national broadcaster NRK that the government is assessing supplier risks from countries outside Norway’s security alliances, noting the need to protect critical infrastructure.

Around 1,300 electric buses operate in Norway, including approximately 850 units from Yutong, with 300 running in Oslo and Akershus. Ruter said the likelihood of attempted interference remains low, but the situation underscores the growing cybersecurity challenges linked to foreign technology suppliers.

The case comes as Chinese electric buses are increasingly adopted across global markets, including Southeast Asia, raising wider questions about digital security and strategic dependencies in public transport systems.

“It’s unlikely these buses would ever be misused,” Ruter CEO Bernt Reitan Jenssen said, “but we must take the risk seriously.”

Source: Carscoops