The Volkswagen, Audi and Skoda group has been accused of knowingly selling cars with defective SOS warning systems that in some cases failed before the new owner had left the dealership.
Since 2018 all new cars sold across the EU have been required to have an eCall system that automatically contacts the emergency services with the vehicle’s location in the event of a serious accident. It is a sophisticated set-up using the car’s navigation system and airbag sensors, and it has its own mobile phone sim card.
But almost immediately after VAG Group introduced SOS systems in its cars in 2017, buyers of VWs, Skodas and Audis started reporting intermittent problems.
Guardian research suggests that rather than the matter being resolved by the manufacturer, almost three years on, the problem has not been solved.
Frustrated owners have described having to make repeated and often fruitless trips back to dealers, costing them time and fuel, and being without their cars for sometimes weeks at a time.
In the most recent cases, some drivers have reported that their car’s satnav and in-car phone system have been rendered useless. At least one owner of an affected car has reported being told that the problems affect a significant batch of cars made during 2020.
In May last year, VW was temporarily forced to halt deliveries of its latest Golf because the eCall emergency assist function was not working reliably. In April 2020, Skoda recalled and repaired 26,000 Kamiq and Scala models after finding that the system was not working as it should.
Flora Ellison, a teacher who lives in south London, says she has been told by her dealer that he has “no idea” how to fix her Skoda Karoq sports utility vehicle, which started playing up only four days after she had picked up the brand-new £22,000 car in December.
“You can be driving along and out of nowhere the warning light will flash up telling you the SOS system has failed and telling you to take the car to the dealer,” she says. “The car’s satellite navigation system goes haywire and you can no longer hear the other person when using the hands-free phone system.”
Despite numerous visits to the dealer, she says the problem is no nearer being fixed. She says staff eventually admitted to her that this is a well-known fault, and as a result she has asked the dealer to replace her car.
“I’ve now been told that this problem has affected many vehicles within the fleet – and that they have no idea how to fix it,” she says.
“I rely on my car to get to work as the public transport options are very limited. When I first took the car in they gave the impression that they hadn’t seen the problem before. Only when it persisted did the true picture emerge. It would appear to me that Skoda is knowingly selling cars that have this fault. I really like the car in every other respect, which makes the whole thing even more frustrating.”
Audi owners were the first to report problems back in 2017, and there has been a steady stream of complaints from VAG car buyers since, with online posts about VWs, Audis and Skodas.
“My new Q7 had the same problem less than 12 hours after collecting my car from the dealer somewhere mid-January 2017,” wrote Isn on the Audi forum in 2017. “I had to send it in for 1.5 weeks to change the coaxial and antenna. Unfortunately the problem came back after a few days and I have to send it back to the dealer again. I have the feeling that Audi have no idea what is causing the error on the emergency call.”
Skoda owners described the same experience, followed by VW Golf buyers – again often reporting that it started within days of them picking up their new car at the dealership.
Guardian Money sent links to these complaints to Skoda. It said that without knowing the details of each of the cases, or what was causing the fault in Ellison’s car, it “wouldn’t be constructive or helpful to comment or make comparisons”. It is now examining her car and has given her a replacement.
VW, the parent company, declined to comment.
One of the problems that dealers have apparently had has been diagnosing the fault. In some early cases the sim card was at fault, while a software update appears to havesolved some problems. More recently, owners have required a new replacement control unit that in some cases has taken two months to fix.
Lisa Barber of the consumer group Which? says: “These reports of manufacturing faults with some VAG models are concerning. If the manufacturer was aware of these faults, it is wholly unacceptable that it has continued to take cash from consumers without fixing the issue. It must investigate these complaints across its range of cars, and, if needed, issue a recall to ensure these faults are fixed.”
A spokeswoman for Skoda says: “We can only comment for Skoda but it is worth noting that the cars [complained about in the forums] mainly relate to vehicles which are based on different platform architecture that use different software and hardware. The experience of our customers is of utmost importance to us. Our focus now is to investigate the issues relating to the customer’s car and to ensure we resolve this case.”
A new law due to come into force tomorrow that would force broadband providers in New York State to provide net access to low-income households for $15 a month has been put on hold.
A preliminary injunction [PDF] was granted by United States District Judge Denis R Hurley on Friday after a string of trade bodies – including the New York State Telecommunications Association and The Broadband Association – launched the action on behalf of their members.
The ruling notes that telcos and ISPs forced to impose the price caps would “suffer unrecoverable losses increasing with time” and that the “bulk of these losses will stem from lost income.”
“While a telecommunications giant like Verizon may be able to absorb such a loss, others may not: the Champlain Telephone Company, for example, estimates that nearly half [approximately 48 per cent] of [its] existing broadband customers will qualify for discounted rates,’ with each such customer ‘caus[ing] a monetary loss’,” it states.
The legal action also highlighted that not only would telcos lose revenue by offering cut-price access, they would also incur additional costs associated with increased spending on advertising.
In April, New York Governor Andrew Cuomo put his name to legislation that would force operators in the state to offer $15 a month high-speed internet to low-income families across the state.
The legislation also made it a legal requirement for operators to inform the authorities about their broadband products and prices, and how many had taken up the offers.
In all, it was estimated this change would impact seven million New Yorkers and some 2.7 million households.
At the time, Governor Cuomo said the need for remote access to work, education, and healthcare – which had been brought into sharp focus by the pandemic – had underlined the “need to make sure every household has access to affordable internet.”
“This program – the first of its kind in the nation – will ensure that no New Yorker will have to forego having reliable home internet service and no child’s education will have to suffer due to their economic situation,” he said.
US telcos in the crosshairs of the enforced price cap were quick to challenge the legislation, pointing out, among other things, a temporary $50-a-month discount being offered to households as part of a federal benefit.
In a 19-page lawsuit filed on 30 April, the industry lined up to say that they’re already doing their bit to help close the digital divide including offering cut-price tariffs to people on low incomes.
They also claim that New York is acting beyond its jurisdiction.
“In short, New York has overstepped its regulatory authority,” lawyers acting on behalf of the telcos said in their lawsuit.
Governor Cuomo hit back almost immediately and in a statement on the same day as the 30 April lawsuit said: “I knew giant telecom companies would be upset by our efforts to level the playing field, and right on cue, they’re pushing back. This is nothing more than a transparent attempt by billion-dollar corporations putting profit ahead of creating a more fair and just society.”
Fast-forward to this week and the decision to grant a temporary injunction halting the introduction of the $15-a-month broadband cap has left many wondering what happens next.
In a statement, US Telecom said: “The broadband industry is committed to working with state and federal policymakers on sustainable solutions that will serve the needs of all low-income Americans. While well-intended, the state’s law ignored the $50 monthly broadband discount Congress enacted, as well as the many commitments, programs and offerings that broadband providers have made for low-income consumers.” ®
The company is building a subscription service for its micromobility vehicle, which is a cross between a moped and a traditional e-bike.
Vässla, a Swedish micromobility start-up, has raised $11m in fresh funds to expand during the increasing demand for e-bikes.
The Stockholm-based company initially launched with e-mopeds and is now launching an e-bike with a club-like subscription model.
Vässla Club will target individuals, delivery drivers and businesses like hotels and holiday resorts with a subscription model to access its e-bikes with fleet management features built in for businesses.
The round of funding was led by Swedish investment firm Skabholmen Invest with eEquity contributing to the round.
The company is running trials in the Scandinavian market with further trials pencilled in for Berlin, Vienna, Hamburg and Madrid. It is also planning a UK launch once legislation around e-scooter and other electric micromobility vehicles has been introduced beyond the current trial stages across the country.
Vässla designed its bikes in-house and describes it as a midway point between a moped and an electric scooter. It has a maximum speed of 25km/hr and battery range of 40km.
The company was founded by chief executive Rickard Bröms over his frustration with commuting and a mission to reduce dependency on privately owned cars.
“The problem with electric pedal bikes is that your morning commute becomes a workout session – you arrive at work or at your important meeting sweaty and tired. It’s really no better than using packed trains or buses,” Bröms said.
The new iteration of its bike is lighter but capable of multiple trips a day, he added.
“The investment, which will help us launch Vässla Club, and expand into other territories, comes at a very exciting time and we are very much looking forward to seeing how the attitudes of the general public towards micromobility will change over the next few years.”
Wilhelm Pettersson, CEO of lead investor Skabholmen Invest, said that it invested in the company as it believes the “future of urban planning will exclude personal cars”.
It’s been 40 years since Lisa Donnan has queued for gas. But last month the cybersecurity expert found herself joining the long lines of cars across the east coast of the US looking for fuel after the latest in a series of cyber-attacks had shut down the pipeline that provides fuel to 45% of the region.
“The last time I did that was in the Iran crisis,” she said. “My dad had to wait with me.”
The hack of the Colonial Pipeline was just one of a series of cyber-attacks that have hit the US and elsewhere recently. Hackers have taken down JBS, the world’s largest meat processor, disrupting the global meat market, closed schools in Iowa and hit hospitals in Ireland in what experts say is a dangerous escalation of a crime wave that has swelled from the small-scale blackmail operations of a few years ago to major assaults that threaten the livelihoods – and potentially lives – of millions.
Many of the recent attacks have been sourced to operations in Russia and US officials say that Russia’s responsibility for ransomware attacks carried out from its territory would be a central issue when Joe Biden meets Vladimir Putin in Geneva next Wednesday.
“One of the things that President Biden will make clear to President Putin, when he sees him, is that states cannot be in the business of harboring those who are engaged in these kinds of attacks,” the secretary of state, Tony Blinken, told Congress this week.
Eric Green, the senior director for Russia and central Asia in the national security council, said that one of the expected outcomes from the Geneva summit was a routine dialogue between senior US and Russian officials aimed at bringing greater stability and predictability to the relationship. One of the issues in the dialogue would be ransomware attacks.
“When we talk about strategic stability cyber will also certainly be on the agenda,” Green said in a recent discussion organised by the Centre for a New American Security. “The recent ransomware attacks remind us that the cyber domain is prone to misperceptions and that there are dangerous escalation risks.”
US officials say America will be pushing for Nato to expand its involvement in cyberdefence at the alliance summit in Brussels. But the unanswered question is how to respond to ransomware attacks by criminal groups for whom their host countries deny responsibility.
“Putin will deny interfering in US politics or conducting cyber-attacks, asserting that Washington has no proof, while rejecting the legitimacy of US concerns about what happens within Russia,” said Steven Pifer, former deputy assistant secretary of state for European and Eurasian affairs and now a senior fellow at the Brookings Institution.
“Biden should not waste time arguing. He should aim instead to ensure that Putin has a clear understanding of what conduct is out of bounds.”
The pressure for Biden to act is rising. There has been a 62% increase in ransomware globally since 2019, and 158% spike in North America, according to the 2021 SonicWall Cyber Threat Report. Alongside that rise, the nature of the crimes and their targets are also changing.
“We are seeing more attacks, more sophisticated attacks, bigger attacks and the scary thing is we are seeing them more on supply chains,” said Donnan. “It used to be about financial exfiltration, stealing money, and reputational damage. It’s now in a life-threatening environment. That is a dramatic change.”
Now a partner at the cybersecurity private equity investor Option3Ventures, Donnan says she doesn’t expect to see any let-up in attacks. Nation states including Russia, China and North Korea are getting more ambitious in their attacks and the criminal enterprises that operate under their wings are getting more brazen.
“The landscape is ripe and ready for attack from a perfect storm of hackers, nation states and the average cybercriminal,” she said.
Part of the recent surge is down to the pandemic, which has helped the hackers by accelerating the digitization of business and giving them more access points as people and businesses have moved to work remotely.
On top of that there has been an explosion in software development, much of which was not built with security in mind from the beginning, said Donnan. “We still have a culture of get to market, be first. We are designing code without security in mind,” she said.
Lastly there are few consequences to cybercrime. Cryptocurrencies are the preferred payment for ransoms and are as hard to track as the origins of the hack. With the authorities unlikely to crack the case anytime soon – if ever – for many targets not paying is a difficult choice. Joseph Blount, Colonial’s chief executive, told Congress last week that he decided to pay the $4.4m bitcoin ransom to get the pipeline back online after he saw “pandemonium going on at the markets”.
Politicians hit out at Blount for the company’s failure to stop the hack. But the government itself has also failed to stop numerous hacks and not paying the ransom can be more expensive than paying up and potentially leave companies open to further assaults. JBS paid $11m in bitcoin to its hackers, even though it had mostly fixed its problems, hoping the payment would prevent further issues arising from the attack.
In 2019 Baltimore was hit with a cyber-attack that seized control of parts of its government. The hackers demanded $760,000 in bitcoin but the mayor, Bernard “Jack” Young, refused to pay. The cost of rebuilding its systems has now reached $18.2m.
Publicly the FBI advises victims not to pay a ransom in order to discourage perpetrators from targeting more victims. But privately they will tell targets that they understand if they feel the need to pay.
In the Colonial case the FBI managed to seize the majority of the bitcoin payment – a hopeful sign that may discourage some attackers, according to experts – but the fact remains that most of these crimes go unpunished.
“It’s very difficult to prosecute, it takes a long time, it takes cooperation geopolitically because most of these attacks come from offshore,” said Donnan. “The government only has so many resources. It doesn’t take a lot of tools or brain capacity to do these things,” she said. “You can buy a tool kit on the dark web.”
One irony of the current wave of hacks is that the US is under attack by tools developed by its own National Security Agency (NSA). In 2016 an online group called the Shadow Brokers claimed to have infiltrated the Equation Group, the NSA’s own private hacking group, and obtained malware used by the US to target its enemies.
In June 2017 the same cyber-attack tool developed by the NSA, called EternalBlue, was used to launch a series of attacks on Ukraine, affecting the government, banks and transportation systems and taking the radiation monitoring system at Chernobyl offline. That attack then spread around the world, hitting companies that had offices in Ukraine including FedEx, the advertising agency WPP, pharmaceutical company Merck and consumer goods maker Reckitt Benckiser.
The escalation in cases comes even as spending on security is rising dramatically. The US is the number one country for cybercrime and also spends the most on cybersecurity.
In 2015 the US Office of Personnel Management (OPM) announced it was hacked in 2015, one of the largest data thefts in history. Since then the US has spent $115bn on cybersecurity and the White House is asking Congress to commit roughly $10bn to civilian government cybersecurity next year – a jump of nearly 14%. Industry spent $41bn on cybersecurity in 2019 and is expected to have spent $53bn in 2020.
Even after all that money has been spent, said Donnan “we are still exposed because there is no consequence.”
But there are rewards.
Three years ago Paul Ferrillo, a partner at New York law firm Seyfarth Shaw who specialises in cybersecurity, says he was settling ransomware hacks for five bitcoin (about $6,000 per bitcoin then and currently around $36,000 each). “Now you are lucky if it’s 75 bitcoin or 100. I heard of one demand recently for $140m,” he said.
“If this is the new normal, they are winning,” he said. “These criminal actors are well-funded and smart whether they are state-funded or not. We need to be as smart as they are.”
Ferrillo said there was no silver bullet that would solve the crisis and that everyone from the government to the private citizen had to play a part. Companies have to get better at managing their data, storing backups offline and making sure it is harder to get into their systems.
He also wants to see more transparency from industry. Companies have often hidden hacks because they don’t want to look like “doofuses”, he said. “But when industry shares information, we all get smarter. We understand where we should look and how we should do better.”
But tackling this explosion in hacking will take action from everyone, he said, from government to private citizens. “Cybersecurity is a shared responsibility. We are all in this together,” he said.