The US banned the use of Chinese and Russian technologies in “connected” cars due to a threat to national security

15 January 2025 2 minutes Author: Newsman

The U.S. Department of Commerce has announced a new rule that bans the import into the country of technology used in vehicle connectivity systems (VCS) and software for automated driving systems (ADS) produced in China and Russia. In particular, telematic control units, as well as cellular, satellite and Wi-Fi functions created in these countries fall under the ban.

This rule only applies to passenger vehicles due to difficulties in the supply of components, but a separate regulation is planned for commercial vehicles such as trucks and buses in the future. The ban takes effect in January 2026 for software and January 2029 for hardware. Manufacturers and importers will have to annually declare compliance with the new rule.

The purpose of the regulation is to minimize the risks associated with the possible interference of the Chinese and Russian governments in the operation of connected cars. According to US Commerce Secretary Gina Raimondo, today’s cars are not only vehicles, but also computers on wheels with Internet connectivity, which poses the threat of leaking personal data and affecting critical infrastructure. The White House also supported the rule, pointing to the activity of Chinese cyber groups, such as Volt Typhoon, which are already carrying out attacks on critical US infrastructure.

The Automotive Innovation Alliance supported the government’s initiative, noting that this decision is necessary to protect information technology. Alliance President John Bozzella said the timeline set by the ministry would allow manufacturers to gradually adapt to the new requirements, given the complexity of the global supply chain.

The main goal was to prevent Russia and China from using connected cars for espionage and cyber attacks. Of particular concern was the possibility of access to personal data of US citizens and remote control of vehicles. Potential threats included the collection of user movement data, audio and video recordings, and the creation of an analysis of citizens’ habits.

The new rules are an important step toward protecting US national security and critical infrastructure. The collaboration between the government and the auto industry also demonstrates the seriousness of the threats that could arise from connected cars produced with the involvement of foreign governments.

Other related articles
News
Read more
How attackers encrypt AWS S3 buckets using SSE-C
--- A new wave of attacks on AWS using SSE-C to encrypt S3 buckets. Attackers use compromised access keys to force companies to pay a ransom to decrypt data, and Halcyon recommends contacting AWS Support to limit SSE-C usage, audit keys, and protect data.
72
Found an error?
If you find an error, take a screenshot and send it to the bot.