Israel Military Dumps Chinese 'Connected Cars': Here's Why

The Israeli Defence Forces has commenced withdrawing approximately 700 Chinese-manufactured vehicles previously assigned to senior officers, following security assessments that identified potential vulnerabilities in the cars' electronic systems that could enable unauthorised data collection and transmission. The decision highlights growing concerns about connected vehicle technology and its implications for military security.

Most of the recalled vehicles comprise Chery Tiggo 8 Pro models that the IDF began supplying to lieutenant colonels and colonels with large families starting in 2022. The seven-seat SUVs were selected for their spacious accommodation and competitive pricing, with fleet purchase costs estimated around $25,000 per vehicle before any potential trade offsets. The recall process is expected to continue through early 2026, with replacement vehicles sourced from manufacturers including Mitsubishi, Skoda, Kia, and Opel.

Israeli cyber security experts attempted to mitigate the Tiggo 8 Pro's vulnerabilities by sterilising the multimedia systems to prevent external data transmission, but ultimately determined they could not conclusively rule out whether the vehicles continued collecting information.

This inability to secure the systems despite intervention from specialists suggests the data collection and transmission capabilities were deeply integrated into the vehicles' electronic architecture rather than comprising simple standalone modules that could be easily disabled.

The security concerns stem from multiple connected systems standard in modern vehicles. The Tiggo 8 Pro features GPS positioning, WiFi and 4G connectivity, Apple CarPlay and Android Auto integration, multiple USB ports including USB-C, wireless phone charging, and comprehensive telematics systems. Advanced Driver Assistance Systems include adaptive cruise control, blind spot detection, lane-keeping assist, and a 360-degree surround view camera system providing complete visual coverage of the vehicle's surroundings.

These connectivity features enable real-time tracking of vehicle movements, potentially providing hostile intelligence services with information about military mobilisations, operational patterns, and classified installation locations. The presence of high-definition cameras capturing 360-degree imagery raises additional concerns about inadvertent documentation of military exercises, new weapons systems, and defensive installations such as missile batteries and command centres that vehicles pass during routine travel.

Modern vehicles employ telematics control units that continuously transmit location data, driving behaviour, and vehicle health information to manufacturer servers. Vehicles connecting to mobile applications or cloud services rely on application programming interfaces that manage data flows, with security flaws in these APIs potentially allowing unauthorised access to personally identifiable information and location histories. Third-party management of these APIs compounds security risks, as multiple entities beyond the vehicle manufacturer may handle sensitive data.

The Israeli decision follows earlier measures including banning Chinese vehicles from entering military bases and restricting their parking near sensitive installations. The escalation from access restrictions to complete fleet withdrawal suggests Israeli intelligence may have detected actual security breaches or gathered evidence linking the Chery vehicles to compromised defence locations, though official sources have not confirmed specific incidents.

The concerns about Chinese vehicles mirror broader debates about connected technology and national security occurring in Western countries. The United States currently prohibits sales of Chinese-branded passenger vehicles, though several models built in China including the Lincoln Nautilus and Buick Envision remain available through established manufacturers. Multiple Chinese automakers including BYD, Nio, and Xpeng plan to enter Western markets focusing on electric and hybrid vehicles, which will feature extensive connectivity to Chinese-located servers and data aggregators.

Security experts note the vulnerability extends beyond Chinese vehicles, as virtually no manufacturers offer robust cybersecurity features such as end-to-end encryption protecting data flows from vehicles to company servers. Major manufacturers including General Motors, Stellantis, Hyundai, and Toyota continuously collect data from their vehicles, creating potential access points for both friendly and hostile intelligence services capable of compromising manufacturer systems.

Smartphones present a separate but related vulnerability, as these devices independently track locations, capture imagery including selfies, and maintain information about family members and business connections in near real time. The ubiquitous presence of smartphones means that banning Chinese vehicles addresses one specific vulnerability whilst leaving multiple alternative access methods for determined adversaries.

Current protective measures such as GPS and WiFi jammers prove impractical for widespread military use, as these devices indiscriminately block all signals including friendly military and civilian networks that modern operations increasingly depend upon. Many drone systems rely on local cellular services for operations and data transfer, meaning blanket jamming would disable both threatening and essential systems simultaneously.

Ukrainian military intelligence has successfully employed cell phone tracking to locate enemies in occupied territories and within Russia itself, demonstrating that connected device vulnerabilities represent active threats rather than theoretical concerns. This precedent suggests Israeli security services may have detected or prevented similar tracking attempts targeting their personnel through compromised vehicle systems.

The Israeli military's new vehicle procurement guidelines exclude Chinese manufacturers entirely, with approximately 10,000 cars to be leased under recent tenders going exclusively to non-Chinese brands. The policy shift represents a significant market impact, as Chinese electric vehicles had gained popularity for their affordability and range characteristics before security concerns prompted the wholesale exclusion.

The recall costs approximately $17 million in direct vehicle replacement expenses, not accounting for administrative overhead, logistics, and potential contractual penalties. The substantial financial commitment suggests Israeli defence leadership considered the security risks sufficiently serious to justify scrapping relatively new vehicles rather than attempting to isolate vulnerable systems or accepting residual uncertainty about their security posture.

Security analysts emphasise that comprehensive solutions require fundamental changes to vehicle cybersecurity architecture rather than selective manufacturer exclusions. The absence of industry-wide security standards and encryption protocols means even non-Chinese vehicles may transmit unprotected data streams vulnerable to interception and exploitation. The threat to national security from connected vehicles demands systematic safeguards rather than piecemeal responses targeting specific manufacturers or origin countries.