sign up log in
Want to go ad-free? Find out how, here.

The United States gets serious about locking out Chinese car makers, citing connected vehicles as national security risks

Technology / news
The United States gets serious about locking out Chinese car makers, citing connected vehicles as national security risks
AI connected car

The United States intends to ban the sale and importation of cars with remote connectivity, in a move that is bound to have massive repercussions worldwide if it is finalised.

A long notice document outlines the reasons for the ban, as collated by the US Department of Commerce following public consultation earlier this year.

In summary, it's due to distrust of supply chains that the US fears can be compromised by state-sponsored threat actors in China mainly. 

Judging by the language from the White House that bluntly says; "Chinese automakers are seeking to dominate connected vehicles in the United States and globally, posing new threats to our national security, including through our supply chains," a level of protectionism is another reason for the ban.

Somewhat surprisingly, the ban covers car components from Russia as well. This looks like a pre-emptive strike against state-owned corporations like Rosavto being used as a loophole for component manufacturing and exports into the US. Hong Kong is named in the ban as well.

Some of the vehicle connectivity systems included in the very broad ban are:

  • Bluetooth
  • Cellular
  • Wi-Fi
  • Satellite
  • Automated driving systems (ADS and ADAS)

Remote acts of sabotage, information gathering from cameras and sensors (even LiDAR is mentioned in the ban), and clandestine mapping are mentioned as threat vectors. The cars could also act as backdoors into US information systems.

"Now more than ever, vehicles are directly connected into our country's digital networks." the White House said.

That cybersecurity applies to cars as well has been known for years now. One famous example saw security researchers Charlie Miller and Chris Valasek hack a Jeep and switch off its engine while going at 110 km/h with Wired journalist Andy Greenberg in the driver's seat.

More recently, Chechnya's Ramzan Kadyrov reportedly accused Elon Musk of remotely disabling the heavily sanctioned dictator's Tesla Cybertruck.

If the ban comes into effect, the ban on software from "countries of concern" would start from model year 2027 cars, with hardware being prohibited from MY2030, or January 1, 2029 if there's no model year on the vehicles.

That's quite a long period of time to allow vehicles with components potentially covered by the ban to be sold. What will happen to already sold cars with such components inside in terms of insurance and second-hand value is not discussed.

Where the ban would leave brands like Cupra, made by Volkswagen-owned Seat and which is made in China is an open question. Cupra is looking to launch in the US over the next few years, and the marque is already concerned about a potential European Union knock-out punch which would see protectionists tariffs levied on China produced vehicles.

Interestingly enough, the document doesn't mention tractors and other agricultural vehicles. More so in the light of the war in Ukraine, where John Deere reportedly remote-disabled tractors pillaged by the Russian invaders.

Note that the US doesn't consider connected vehicles and ADS/ADAS as unsafe per se. 

We welcome your comments below. If you are not already registered, please register to comment.

Remember we welcome robust, respectful and insightful debate. We don't welcome abusive or defamatory comments and will de-register those repeatedly making such comments. Our current comment policy is here.

12 Comments

Anyone who looks like they might produce a technically superior product to the Americans finds themselves on one of these lists, it seems.

Up
8

Comrade, this remote tech gives an ability to bring all of this tech to a standstill. That is a serious threat to any nation. 

 

Up
4

Exactly. I don't think any car should be connected to the internet and have anything whatsoever controlled by the manufacturer. Sure, go do a dealer and update software, (or pull updates remotely) if required, but instant downloads into a private vehicle or any sort of monitoring by the manufacturer, no way. 

Remember ClouldStrike, that could happen in vehicles as well.

Up
1

It already has:

From 2019 - https://www.wired.com/story/mycar-remote-start-vulnerabilities/

And recently - https://www.roadandtrack.com/news/a62388679/hackers-discover-way-to-rem…

I really don't want all these electronic gubbins as almost none of them add anything to safety or performance.

 

Up
1

They are worried that the cars can access the power grid via the chargers/data points.. Hang on we have thousands of smart solar inverters and they are having more directly connection to power grid, and those solar inverters made in where..? 

Up
2

As it happens, I wrote about that four years ago.

Up
0

Chinese equivalent of the Israeli pagers? Every BYD car will self-drive to target and detonate - lol

Up
3

If it rings, don't answer it......

Up
0

Just wait until the boy racers get hold of them and crack the ECU's for more power, they'll find out all the secrets. 

Up
0

Right , this is why Tory sold her car . 

Up
2

The US hasn't kept up, GM, Ford are protecting their own market under the guise of cars from China been a security threat. But you could say the same thing about any white wear appliance that is wifi connectable. 

This won't stop BRICS or Global South countries buying cheaper and better cars from China now and into the future. And with America making so many threats and sanctions, there is a good bet that many of these countries will slow down on buying US products in fear the US cuts supply chains and support systems to products and services. 

And lets not forget who empowered China, it was the US, they didn't want to use their own people for labor, same goes for all the western countries, our elites wanted cheap labor. 

Up
1

White "wear" that is connected to the internet (or any such "smart" technology - ie not limited to whiteware) IS a security threat.  You might find its time to do some research.

Up
0