The United States is moving to ban Chinese connected car technology, citing fears the cars could spy on and assassinate their drivers.
“Today's vehicles are equipped with cameras, microphones, GPS tracking devices and other internet-connected technology. It is not difficult to imagine how foreign adversaries with access to this information could pose serious risks to both our national security and the privacy of our citizens,” Commerce Secretary Gina Raimondo said earlier this week.
“In extreme circumstances, a foreign adversary could simultaneously shut down or take control of all vehicles operating within the United States.”
The move comes just days after widespread attacks on Hezbollah militant fighters in Lebanon saw personal pagers and walkie-talkies explode, demonstrating their power to disrupt critical everyday technology.
The attack was allegedly planned by Israel, but the country has yet to claim responsibility.
“There is already ample evidence [China] National Security Adviser Jake Sullivan added that the group “pre-positioned malware on our critical infrastructure with the intent to disrupt and sabotage.”
“And with potentially millions of vehicles on the road with life spans of 10 to 15 years, the risk of disruption and vandalism increases dramatically.”
Digital Duel
The proposal to ban “connected” Chinese cars comes after the United States and its Five Eyes intelligence partners, which include Australia, foiled two major Beijing-backed hacking operations that targeted more than 200,000 consumer devices worldwide.
Earlier this month, a Chinese hacking campaign dubbed “Flax Typhoon” was revealed to be targeting university, government and telecommunications employees.
Home computers, internet routers and webcams were targeted in the attacks, which were aimed at stealing confidential data and tracking user activity.
Earlier this year, another Chinese hacking group, known as Bolt Typhoon, was found to have infiltrated critical infrastructure such as power grids and wastewater treatment plants.
“Make no mistake: this is just one round in a much longer battle,” FBI Director Chris Wray warned at the time.
“The Chinese government will continue to target your organizations and our critical infrastructure, either by its own means or hidden through its proxies.”
Chinese car maker BYD (sold as Build Your Dreams in Australia) recently overtook billionaire Elon Musk's Tesla to become the world's top maker of semi-autonomous and electric vehicles (EVs).
Chinese auto brands have made big inroads in European and Australian markets but have yet to gain a foothold in the United States.
Cyber Apocalypse
“In theory, if there are millions of vehicles on the road and the software is disabled, we could see the most dire consequences,” Commerce Secretary Raimondo told media.
The ministry proposes that the ban on Chinese-made vehicle software would come into effect in 2027, and on hardware from 2029.
This applies to all vehicles equipped with Bluetooth, satellite, wireless internet access capabilities and self-driving AI.
China pointed to separate steps taken by the White House last week to raise tariffs by 100% on Chinese-made electric vehicles as well as impose new tariffs on electric vehicle batteries and critical minerals, and denounced the move as a secret trade embargo.
However, the Australian Strategic Policy Institute (ASPI) Intelligence Analyst Chris Taylor It says high-tech espionage is a serious and growing concern.
“There has been a resurgence of sabotage – destroying, damaging and disrupting for military and political gain,” he wrote.
Hezbollah's pager and walkie-talkie attacks have exposed the vulnerability of international supply networks.
But he added that suspicious fires at Western munitions factories supporting Ukraine were also linked to Russian infiltration activities.
“When your manufacturing base is almost entirely outside your borders, including in potential adversaries, it inevitably makes you vulnerable,” Taylor argues.
“While state actors may not have such intentions at present, they could certainly do so in a conflict scenario. That is why 'suppliers of concern' have been excluded from our 5G communications system.”
Homefront
“The stakes for Australia are too high to ignore.” Engineer Jason van der Schyff.
“By taking aggressive steps now to secure our supply chains from potential threats, we can protect our critical infrastructure, ensure our national security, and ensure that our future is in our own hands, not China's.”
At one level, the device can be turned into a remote-controlled bomb.
This is not the first such attack by Hezbollah: in 1996, an exploding cell phone was used to assassinate Hamas bomb maker Yahya Ayyash.
On another level, it can turn your device into a destructive virus Trojan.
It was used against Iranian centrifuges processing uranium for use in nuclear weapons. In 2010, the Stuxnet cyber weapon caused the centrifuges to go out of control and be destroyed.
“In Australia, this challenge is… urgent,” van der Schyff argues.
“As a country that relies on imports for many of our basic needs, from consumer electronics to military equipment, the possibility of supply chain disruptions looms large, especially given that much of this equipment is manufactured in China.”
He added that any electronic device connected to the internet, be it a router, USB stick, phone or car, “can be compromised at any stage of its journey from manufacturer to end user. Interdiction attacks that tamper with hardware during transport are not difficult to carry out, especially along complex transport routes.”
The risks can only be mitigated by diversifying supply chains and reviving Australia's devastated manufacturing industry, coupled with extensive blockchain security tracking technology and integrity testing.
That comes at a cost, Taylor said.
“There are economic costs that must be balanced against the risks and opportunity costs of using security resources in this way,” he argues.
“These costs reveal a further objective of the sabotage operation: to divert resources from defense capabilities to secure supply chains and inventories.”
