China’s NIO ES8 electric cars are continuing to attempt to connect to the BeiDou satellite system inside underground mines in Norway, rather than using GPS. Researchers suggest that the vehicle is constantly sending signals, with 90% of them being directed to China.
According to a report from the official media of Norway’s automotive association, NAF, on Tuesday, a recent study in Norway found that NIO vehicles are persistently trying to establish connections to the internet and satellites within underground mines. This occurs even when the vehicles are completely turned off.
Arild Tjomsland, a senior consultant at the Southeast University of Norway, told the media, “We have noticed that NIO vehicles are attempting to connect to China’s BeiDou satellite navigation system. While the vehicle may only be in the process of locating itself, the choice of BeiDou over GPS is a significant and interesting discovery.”
The BeiDou system is the Chinese equivalent of the Western GPS, developed and maintained by the China National Space Administration. The BeiDou network consists of 35 satellites used for civilian and military purposes.
Security expert, Tor Indstoey, from one of the world’s largest telecommunications companies, Telenor, informed Norway’s public broadcaster that the vehicle is constantly sending signals, with 90% of them going to China.
“We are unsure of the purpose of this information, but it is evidently valuable to foreign intelligence agencies,” Tjomsland added.
The researchers have reported this discovery to the Norwegian authorities.
This issue is particularly noteworthy to the police as Norway is currently in the process of tendering for up to 1,500 new police cars. According to the tender rules, Chinese companies are also eligible to participate in the bidding process.
The Chinese Embassy in Norway has denied any unfounded allegations of connections between Chinese vehicles and security agencies, dismissing these claims as conspiracy theories.
NIO has stated that they adhere to all General Data Protection Regulation (GDPR) standards in the West and anonymize all data sent by their vehicles.
Previously, investigations into Chinese electric buses were also conducted in the same underground mines.
Norwegian public transport operator, Ruter, recently reported that in their tests, Chinese bus manufacturer Yutong Group could access the control systems of the buses they manufacture. This allowed for remote software updates and diagnostics of each bus, potentially leading to shutting down the buses remotely to impact their operations.
Ruter’s tests involved new Yutong buses and vehicles from Dutch bus manufacturer VDL purchased three years ago. The tests revealed that VDL buses produced in the Netherlands did not have remote software update capabilities, whereas the Chinese-manufactured buses did.
This discovery has garnered widespread media attention and prompted Norwegian security experts to conduct further investigations into similar systems in Chinese passenger cars.
Reports from the Süddeutsche Zeitung state that in the United States, if a Tesla electric car is stolen or if the Tesla owner fails to make payments, the vehicle can be remotely disabled with the press of a button. However, U.S. companies are legally required to impose strict limitations on such access. This contrasts with Chinese manufacturers who are not subject to these regulations. This issue highlights Europe’s concerns over technical security under the Chinese government’s control.