Western governments’ stop-and-start race towards ‘net zero’ carbon emissions has produced a global cybersecurity crisis as a potentially hostile power, China, appears to be cornering the market in electric vehicles (EVs). According to ResearchAndMarkets.com, the global automotive cybersecurity market is set to grow from $2.5 billion in 2023 to $6 billion by 2028.
And with Western carmakers currently struggling to make the transition to EVs, China’s EV sector is booming. While orders for EVs in the German industry are declining, for example, the China Passenger Car Association reports that China’s biggest EV manufacturer, BYD sold 29 percent more EVs than pioneering US EV manufacturer Tesla in the first half of 2023.
Given the recent legislative changes in China effectively making it compulsory for every Chinese citizen to double as a spy for the ruling Communist Party and a long history of installing spyware in mass-produced devices, it is hard not to share the security services’ view that Chinese-made electric cars will prove to be a security nightmare. Hard-to-detect AI-driven spy bots, for example, could easily be pre-installed into Chinese-made EV software.
Conversely, China has recently sounded its own security concerns concerning Tesla’s attempts to break into the vast Chinese domestic market. Earlier this month, local Chinese media reported that an airport in a southern city with a population of roughly one million had banned Tesla vehicles from parking due to “confidentiality concerns.” An airport worker says that “many places have a similar rule.” The Chinese are understandably alarmed by the “Sentry Mode” built into Tesla EVs. In an attempt to make the vehicle more theft-proof, this feature uses the car’s external cameras to detect suspicious activity when the EV is left unattended. The Chinese obviously have trust issues in accepting Tesla’s assurances that Sentry Mode needs to be activated manually in the car’s system setting, and the camera will only begin recording when a threat is detected, provided that a USB flash drive is also in place.
Western security services share similar concerns regarding the cameras installed in Chinese-made EVs sold in the US. Nor does China’s involvement in EVs end at local production, as tech giants such as Huawei have been partnering with car makers like Mercedes Benz and Audi. However, a significant feature in modern cars is the ability to update their software over the internet. Such features potentially open up doors for cyber threats. There are also growing fears that, as tensions between the US and China rise in the South Pacific, China would have little compunction in pre-installing spyware in its EVs.
But the public already expects the long-awaited new generation of 21st-century EVs. These include the latest in-car video and audio, all linked to the internet. Self-drive EVs also rely heavily on on-the-move online connectivity. For convenience, most EVs also automatically have online connectivity to update software and provide external online services. Such connectivity is a recipe for cybercrime and cyber-espionage on a global scale which is good news for the cybersecurity industry, as it is set to see its automotive market more than double in the next five years.
But, while its services will be essential, the cybersecurity industry can only ever be a sticking plaster on the gaping security wound that foreign-made EVs with wireless online connectivity will cause. With elections looming on both sides of the Atlantic, it now remains to be seen if governments in the US, UK, and Europe and their national auto manufacturers will have the courage to disappoint Joe and Jane Public by depriving users of EVs’ online interconnectivity and on-the-go services like Spotify and Netflix. In a battle between consumerism and national security, there may, as usual, be no clear winner.
