We should kill Chinese kill switches

A huge number of Chinese electronics products can be remotely accessed, repurposed, controlled and shut down. Malice or incompetence? It doesn’t matter.

Nov 17, 2025

The best thing about government-backed cyber attacks is deniability.

The countries that are really good at it (China, Russia, Iran, North Korea, and, of course, the United States) find hacking irresistible.

Cyber attacks let nations pursue geopolitical goals quietly, under the metaphorical radar. Enemies can wage a new kind of “lukewarm war,” somewhere between cold war and hot war, safely and cheaply.

When caught, government spokespeople always act out that scene in the movie Casablanca, where the Prefect of Police tells Humphrey Bogart: “I’m shocked — shocked! — to find that gambling is going on in here” (right before being handed his winnings).

The motives for government-sanctioned hack attacks vary by nation.

Russia hacks as part of blended attacks combining disinformation, disruption, and sabotage to destabilize and divide democratic countries and influence our elections.

Iran hacks for spying and revenge.

North Korea hacks for money via crimes and fraud to prop up its weak economy.

The US hacks to spy, defend against cyber attacks, and disrupt adversaries’ military capabilities.

For decades, China hacked mainly to steal intellectual property and technologies. As it rose as a global power (partly based on stolen military technologies), it added the strategy of preparing for war against the US, Australia, Europe, and others.

The biggest Chinese cyber attacks against the US, including the OPM Data Breach, the Equifax Hack, Operation Aurora, Salt Typhoon, and Volt Typhoon, positioned China to attack public services like power, water, telecom, and transport during a future war. The plan is to slow down U.S. military deployments, create public disorder, and weaken emergency response during a crisis, especially during the coming Taiwan war (China has been getting ready for decades to invade and take over Taiwan).

Some attacks, like the mass harvesting of US citizens’ personal data (social security numbers, addresses, fingerprints, background check forms, credit records, financial information, and other personally identifiable information, as well as call records stolen from telecoms) are concerning. During a future conflict, China is likely to use this information for espionage, identity theft, recruitment, and blackmail, and for crafting highly targeted influence operations.

In a way, these attacks are the Chinese version of Russia’s long practice of planting sleeper agents in American cities pretending to be Americans, who can be “activated” during times of conflict (as shown in the 2013-2018 FX TV series, “The Americans”).

It was in the context of China’s known practice of hacking for war preparation that Norway began to worry about its buses.

The kill-switch controversy

A Norwegian transport company called Ruter recently tested its Chinese-made Yutong electric buses. They used a makeshift Faraday cage (an underground garage where electromagnetic signals couldn’t get through). There, they found unknown and undocumented systems for remote updates and diagnostics.

But they also found something really concerning: a system for remotely shutting down buses.

The UK transport company, Pelican Bus and Coach, which owns about 700 Yutong buses, said that its buses are compliant with EU rules, but has not talked about remote shut-down capabilities. (The company did say that bus air conditioning can be controlled remotely. China is apparently preparing for a “cold war.”)

Denmark and Australia are also looking into whether their Yutong buses could be turned off remotely.

The bus kill switch issue comes after a long history of global suspicion about electronics made in China.

The U.S., UK, Australia, and some European countries banned Huawei and ZTE telecom hardware because of the risk of “backdoors” enabling espionage or remote shutdowns in a conflict.

The FCC put Huawei, ZTE, Hikvision, and Dahua on a list of equipment seen as national security risks, stopping new sales, licenses, and government purchases.

Washington took away China Telecom’s permission to operate in the U.S. because of its ability to spy remotely and shut down services.

U.S. energy officials found “kill switches” and rogue cellular radios in Chinese-made power inverters used in solar farms. These can turn off or change important power supplies from a China and could lead to blackouts.

European investigations discovered “undeclared circuitry” in Chinese solar parts that could be used for blackmail or sabotage.

The FBI, CISA, and federal agencies warn that Chinese-made drones could be a security risk. The 2025 National Defense Authorization Act says that if a security check doesn’t clear DJI by December 23, 2025, DJI will be automatically banned in the US.

Israel’s Defense Ministry stopped buying Chinese smart cars and devices after finding out they could send sensitive data to Beijing.

Chinese medical devices used in U.S. health systems are flagged as potential risks for data harvesting and remote control vulnerabilities by the FDA, CISA, and the American Hospital Association.

And the most cyberpunk example: Two cybersecurity researchers found that the China-based robot maker Unitree pre-installed an undocumented remote access backdoor into every dog-shaped Go1 robot, potentially enabling Chinese military to watch through the robots’ video feeds or remotely control them. Theoretically, China could activate and control a robot-dog army from Beijing.

Read the rest. Get 90 days free!