Mounting worries regarding reliance on technology are transforming Europe’s strategy for public transit and digital security. A sector that was previously calm and effective in Scandinavia is now the focal point of an intense discussion concerning national defense and digital autonomy.
Growing concerns regarding Chinese-manufactured buses
Public transportation operators in Denmark and Norway are confronting a potential security flaw in their electric bus fleets, specifically in vehicles produced by Yutong, the world’s largest bus manufacturer based in Zhengzhou, China. The issue stems from the buses’ ability to receive remote software updates and diagnostic checks — a feature that, while technologically advanced, also raises concerns that the vehicles could be immobilized or manipulated from afar.
Movia, the premier public transportation authority in Denmark, has conceded that this wireless capability could enable an external entity—be it the producer or a cybercriminal—to remotely incapacitate a bus. Jeppe Gaard, Movia’s chief operating officer, clarified that this issue isn’t exclusive to Chinese manufacturers but represents a wider concern linked to the growing digital integration in contemporary vehicles. Both electric cars and buses, he pointed out, are heavily dependent on networked systems that are, theoretically, susceptible to remote access and deactivation.
Since 2019, Movia has integrated over 260 Yutong buses into its operational fleet for Copenhagen and eastern Denmark. Comparable worries were voiced in Norway, where Ruter, a prominent public transport operator, conducted an independent inquiry. The firm executed controlled evaluations of both Yutong and Dutch-manufactured VDL buses within protected, subterranean facilities. The results indicated that while the Dutch models lacked the functionality for remote updates, Yutong retained direct digital connectivity to its vehicles for software enhancements and diagnostics — implying that, at least hypothetically, the buses could be disabled remotely, despite not being capable of remote driving.
China’s response and data protection assurances
Yutong has responded to these claims by affirming its compliance with international regulations and emphasizing its commitment to data privacy and cybersecurity. The company stated that all vehicle data within the European Union is securely housed in an Amazon Web Services data center located in Frankfurt, Germany. Yutong further assured that all stored information is encrypted, protected by strict access controls, and inaccessible without explicit customer authorization.
Despite these reassurances, European authorities and transit companies remain cautious. The incident has intensified discussions about Europe’s growing dependency on Chinese technology — a relationship characterized by mutual economic benefits but shadowed by deep geopolitical mistrust. Beijing’s alleged involvement in cyber espionage, intellectual property theft, and surveillance activities has led many European leaders to reconsider the long-term implications of their reliance on Chinese suppliers for critical infrastructure.
A broader European dilemma
The examination of Yutong’s buses represents just one recent chapter in Europe’s intricate technological ties with China. Throughout the continent, political leaders are striving to achieve a careful equilibrium: harnessing China’s sophisticated production prowess while simultaneously safeguarding national interests. Recent occurrences, such as the Netherlands’ move to take over the Chinese-owned chip manufacturer Nexperia, have intensified worries that Europe’s automotive and tech industries might encounter significant disturbances should diplomatic or commercial disputes arise.
Many administrations have already implemented measures to restrict susceptibility to potential weaknesses. Several European countries, emulating the United States, have purged Huawei and ZTE apparatus from their 5G infrastructure, citing espionage and data manipulation hazards. Currently, focus has shifted to the rapidly expanding sector of Chinese electric vehicles. As per JATO Dynamics, Chinese EVs saw their market penetration in Europe double in early 2025, surpassing 5% — a statistic that underscores both consumer demand and regulatory apprehension.
China, for its part, has dismissed Western fears as unfounded and politically motivated. Earlier this year, a spokesperson for China’s Foreign Ministry criticized U.S. restrictions on Chinese automotive technology, arguing that such measures “overstretch the concept of national security.” Chinese officials maintain that their companies operate transparently and pose no threat to foreign nations.
Western Intelligence Worries
Security specialists throughout Europe, however, maintain a degree of skepticism. Richard Dearlove, the former head of MI6, cautioned that Western administrations are confronting a predicament akin to the one presented by Huawei during the deployment of 5G technology. From his perspective, the growing ubiquity of internet-connected automobiles produced by Chinese companies might introduce novel points of weakness. He posited that, under the most dire circumstances, China could hypothetically incapacitate numerous electric vehicle fleets in prominent urban centers — a situation capable of paralyzing transit systems during an emergency.
Still, some cybersecurity professionals argue that such a scenario, while technically feasible, is unlikely. Ken Munro, founder of the British-American firm Pen Test Partners, noted that any internet-connected vehicle — whether produced by a Western or Chinese company — carries inherent risks of remote interference. Even well-known brands like Tesla, he explained, depend on software connectivity that could be exploited under specific conditions.
In light of these worries, Ruter has put in place several safeguards, such as improved cybersecurity measures, firewalls, and more rigorous scrutiny of upcoming vehicle purchases. The organization is also collaborating with national agencies to define more precise cybersecurity guidelines for public transportation networks. Nevertheless, specialists are still split on the adequacy of these preventative steps. Munro warned that the sole guaranteed way to eradicate the danger would be to entirely disconnect vehicles from the internet — an action that would simultaneously impede the capacity to carry out essential updates and remote upkeep.
Where groundbreaking ideas meet susceptibility
The debate unfolding in Scandinavia underscores a broader paradox of the digital age: the same technologies that enable efficiency and innovation can also expose systems to new forms of risk. As cities strive to modernize public transport and reduce carbon emissions through electrification, they must also grapple with questions of technological sovereignty, data privacy, and national security.
Europe’s reliance on Chinese-made components and software extends far beyond public transport. From communication networks to renewable energy infrastructure, the continent’s modernization is deeply intertwined with China’s industrial ecosystem. As global tensions rise, the challenge for European nations will be to secure their technological independence without stalling their progress toward sustainability and innovation.
The controversy surrounding Yutong’s buses has made one thing clear: cybersecurity is now as crucial as clean energy in shaping the future of urban mobility. The issue is not confined to any one country or manufacturer — it represents a defining test for the next phase of Europe’s digital transformation.
In the end, as Ken Munro aptly summarized, the debate boils down to one word — trust. And in an increasingly interconnected world, trust may prove to be the most valuable and fragile asset of all.
