The automotive industry is changing fast, thanks to advancements in AI, connectivity and autonomous technology. Modern vehicles not only include software and AI models from many different players, but they increasingly collect significant amounts of sensitive user data, and leverage cloud-based systems, to help enhance the driving experience and service delivery.
As geopolitical tensions increase, security concerns are now influencing how vehicles are designed and manufactured. There are concerns over back-doors, kill switches and potential monitoring of vehicles – and by extension individuals.
Equally important, standards around the globe differ, raising questions about the relative security of different players in the supply chain.
China: The world’s largest EV market and producer
China has solidified its position as the global leader in electric vehicle [EV] production and sales. As of 2023, more than half of the world’s EVs were in China, making it the largest EV market and producer. This rapid expansion has largely been driven by strong, and long-term, government support, including subsidies, infrastructure investment, and favourable regulations.
Beyond domestic sales, China’s EV exports have skyrocketed. Between 2019 and 2023, exports, including foreign brands like Tesla manufactured in China, have surged 160-fold. This rapid growth has sparked concerns over ‘overcapacity’, with Western markets fearing an influx of low-cost Chinese EVs.
The EU, US, and Canada have responded by announcing tariffs on EVs made in China, and some analysts are calling the situation the start of a potential ‘trade war’. But, the UK, a key importer of Chinese EVs since 2019, hasn’t followed suit yet and introduced similar measures.
As geopolitical tensions rise, China’s dominance in the EV industry continues to reshape global trade dynamics. As mentioned in our recent predictions for the automotive sector in 2025, despite the ever complex and growing US tariffs, Chinese innovators are continuing to push forward with their global ambitions, undeterred by the ongoing geopolitical challenges
Are US tariffs fueled by security concerns?
US tariffs on Chinese EVs have been framed as a way to combat unfair trade practices and protect domestic manufacturers, but security considerations weigh heavily on such a move.
Connectivity of modern EVs, many of which rely on AI-driven software and data collection, has raised fears of potential cybersecurity threats and data privacy risks.
US officials have become concerned that Chinese-made EVs, with advanced sensors and internet connectivity, might be used to collect sensitive data on American infrastructure, road networks, and even consumers. Some policymakers are concerned the Chinese government could access this data, posing a national security risk.
Similar concerns have been raised in the past about Chinese telecommunications companies and surveillance technology. Apart from the potential cyber risks, the US is also wary of its growing dependence on Chinese battery supply chains.
Given China’s monopoly on lithium-ion batteries and key raw materials, policymakers are calling for greater investment in domestic manufacturing to reduce reliance on imports from China. As a result, tariffs on Chinese EVs are not just about protecting American automakers, they also serve, to some extent, as a wider strategy to limit China’s influence in the high-tech automotive sector under the guise of national security concerns.
EVs and evolving security requirements
By nature of having more electronics and software, EVs are exposed to a wider range of cyber security threats and attacks and, as the vehicles become more popular, cybercriminals eagerly await exploitation of digital connectivity these cars rely on.
EVs today are exposed to many different types of cyber risks. For example, hackers can intercept wireless key fob signals to launch replay attacks and gain unauthorised access. Compromised charging stations may also serve as entry points for malicious software, jeopardizing vehicle safety – as demonstrated at Pwn2Own Automotive 2024, which identified multiple Zero Day vulnerabilities in a range of EV charging points.
Such security vulnerabilities in charging equipment can expose sensitive user data, including credentials, and public charging infrastructure is also at risk of malware attacks, potentially disrupting essential operations.
Additionally, grid-connected EV charging systems are prime targets for cyberattacks. This could lead to widespread disruptions in the electric distribution network, affecting many users and potentially causing disruption far beyond just EV owners. Ultimately, these risks clearly highlight the urgent need for robust cybersecurity measures to protect both lives and safety.
Although concerns are often raised about Chinese EV imports, it’s worth noting that many Chinese manufacturers are leading the way in cybersecurity implementation. In contrast, some U.S. and European vendors have been slower to adopt strong cybersecurity standards, which could introduce vulnerabilities into the EV ecosystem.
To mitigate these risks, policymakers might impose stricter regulations, conduct security audits, and require compliance with cybersecurity frameworks before allowing widespread deployment of foreign-made EVs and charging systems.
Final thoughts
The automotive industry is navigating a complex array of regulations, trade restrictions, and security challenges. As cybersecurity threats in the EV sector escalate, alongside growing supply chain vulnerabilities, it’s clear that a new, software-centric approach is essential.
EVs are increasingly reliant on software, and geopolitical actors are targeting everything from infotainment systems to network gateways and operating systems. The risks of espionage, intellectual property theft and cyber sabotage are no longer just potential dangers – they are active threats.
OEMs must now build next-generation automotive platforms with security and geopolitical resilience in mind.
How Trustonic can help
Since 2012, Trustonic has been at the forefront of cybersecurity for the automotive sector and, as the creator of the world’s leading Secure Operating System, we are uniquely positioned to help.
Whether you are unlocking new opportunities in an increasingly regulated market, navigating evolving cyber risks while balancing compliance and innovation, or protecting your brand from potential cyberattacks, recalls, and geopolitical fallout, we can assist you.
Our engineers pioneered the Trusted Execution Environment [TEE], a foundational technology ensuring software-defined vehicles remain resilient against rising security and geopolitical challenges.
Our expertise in protecting next-generation software-defined platforms ensures automakers, suppliers, and governments stay ahead of emerging threats.
As global tensions reshape the EV market, security must be proactive, not reactive.
Get in touch today to find out how we can support you.
