Contact us
Resillion logo
  • Solutions
    • Artificial Intelligence and Machine Learning
    • Total Quality
    • Digital Assurance
    • Cyber Security Services
    • Conformance and Interoperability
    • Media Content Services
    • Advisory
    • Tools and Partnerships
    • Service Delivery
    • Transforming Quality with AI
    • Total Quality in AI
    • Governance, Risk and Compliance Services
    • Enterprise Technology and Business Operations services
    • Quality Engineering
    • Enterprise Technology and Business Operations
    • Test Infrastructure Engineering
    • Non-Functional Testing
    • Functional Testing
    • Cyber Security Consulting and Testing Services
    • Security Training and Security-as-a-Service
    • Global Cyber Delivery Centre
    • Security Operations Centres and Managed Security Services
    • Digital Forensics Services
    • Europrivacy
    • High-Speed Serial Data
    • Wireless Connectivity
    • Broadcast and Streaming Media
    • Distributed Energy Resources
    • Wireless Power
    • Digital Mastering Services
    • Digital Restoration Services
    • Home Entertainment Services
    • QC On Demand
    • Governance, Risk and Compliance Advisory
    • Total Quality Advisory
    • Cyber Strategy Advisory
    • QE Transformation Advisory
    • Power Networks Demonstration Centre | Strathclyde
    • Testwizard
    • CRACY Toolkit
    • CI Plus Test Tool
    • Ligada iSuite for HbbTV
    • Digital Transformation
    • Managed Services
    • Transforming Quality with AI Advisory
    • Assuring AI with Total Quality Advisory
    • Assuring AI with Total Quality
    • Governance, Risk and Compliance for AI
    • Governance
    • Cyber Resilience Act
    • EU AI Act and Digital Service Act
    • Quality Intelligence
    • Agile and DevOps
    • Continuous Testing
    • SAP Assurance
    • ERP Assurance
    • Test Data Management (TDM)
    • Cyber Security Testing
    • Accessibility and Usability Testing
    • Performance, Load and Stress Testing
    • Web and Mobile Testing
    • Test Automation
    • CISO-as-a-Service
    • Cyber Security for the Radio Equipment Directive
    • Penetration testing that adapts to your world
    • Red Teaming
    • USB Testing
    • Matter Certification
    • Aliro Certification
    • 4K HDR Immersive Logo
    • Ligada iSuite for HbbTV
    • Evora iSuite for DVB
    • CI Plus Test Tool
    • ATSC NEXTGEN TV
    • Qi Testing
    • Ki tooling and certification
    • Governance, Risk and Compliance for Energy
    • Governance, Risk and Compliance for Banking
    • Governance, Risk and Compliance for Business Operations
    • Governance, Risk and Compliance for Enterprise Technology and Operations
    • Governance, Risk and Compliance for Global Consumer Electronics
    • Governance, Risk and Compliance for Media
    • Governance, Risk and Compliance for Telecom
  • Industries
    • Banking, Financial Services and Insurance
    • Energy and Utilities
    • Global Consumer Electronics
    • Media
    • Telecoms
  • Insights
    • Blog
    • Case Studies
    • Events
    • News
    • Newsletters
    • Resources
  • About
    • Channel Partner Program
    • Compliance
    • Contact
    • Environmental, Social and Governance (ESG) at Resillion
    • Leadership team
    • Working at Resillion
    • Entry Level
    • Intermediate
    • Expert
    • Freelance/Consultant
  • Careers
Contact us
  • Solutions
    • Artificial Intelligence and Machine Learning
      • Transforming Quality with AI
        • Transforming Quality with AI Advisory
      • Total Quality in AI
        • Assuring AI with Total Quality Advisory
        • Assuring AI with Total Quality
        • Governance, Risk and Compliance for AI
    • Total Quality
      • Governance, Risk and Compliance Services
        • Governance
          • Governance, Risk and Compliance for Energy
          • Governance, Risk and Compliance for Banking
          • Governance, Risk and Compliance for Business Operations
          • Governance, Risk and Compliance for Enterprise Technology and Operations
          • Governance, Risk and Compliance for Global Consumer Electronics
          • Governance, Risk and Compliance for Media
          • Governance, Risk and Compliance for Telecom
        • Cyber Resilience Act
        • EU AI Act and Digital Service Act
      • Enterprise Technology and Business Operations services
    • Digital Assurance
      • Quality Engineering
        • Quality Intelligence
        • Agile and DevOps
        • Continuous Testing
      • Enterprise Technology and Business Operations
        • SAP Assurance
        • ERP Assurance
      • Test Infrastructure Engineering
        • Test Data Management (TDM)
      • Non-Functional Testing
        • Cyber Security Testing
        • Accessibility and Usability Testing
        • Performance, Load and Stress Testing
      • Functional Testing
        • Web and Mobile Testing
        • Test Automation
    • Cyber Security Services
      • Cyber Security Consulting and Testing Services
        • CISO-as-a-Service
        • Cyber Security for the Radio Equipment Directive
        • Penetration testing that adapts to your world
        • Red Teaming
      • Security Training and Security-as-a-Service
      • Global Cyber Delivery Centre
      • Security Operations Centres and Managed Security Services
      • Digital Forensics Services
      • Europrivacy
    • Conformance and Interoperability
      • High-Speed Serial Data
        • USB Testing
      • Wireless Connectivity
        • Matter Certification
        • Aliro Certification
      • Broadcast and Streaming Media
        • 4K HDR Immersive Logo
        • Ligada iSuite for HbbTV
        • Evora iSuite for DVB
        • CI Plus Test Tool
        • ATSC NEXTGEN TV
      • Distributed Energy Resources
      • Wireless Power
        • Qi Testing
        • Ki tooling and certification
    • Media Content Services
      • Digital Mastering Services
      • Digital Restoration Services
      • Home Entertainment Services
      • QC On Demand
    • Advisory
      • Governance, Risk and Compliance Advisory
      • Total Quality Advisory
      • Cyber Strategy Advisory
      • QE Transformation Advisory
    • Tools and Partnerships
      • Power Networks Demonstration Centre | Strathclyde
      • Testwizard
      • CRACY Toolkit
      • CI Plus Test Tool
      • Ligada iSuite for HbbTV
    • Service Delivery
      • Digital Transformation
      • Managed Services
  • Industries
    • Banking, Financial Services and Insurance
    • Energy and Utilities
    • Global Consumer Electronics
    • Media
    • Telecoms
  • Insights
    • Blog
    • Case Studies
    • Events
    • News
    • Newsletters
    • Resources
  • About
    • Channel Partner Program
    • Compliance
    • Contact
    • Environmental, Social and Governance (ESG) at Resillion
    • Leadership team
    • Working at Resillion
      • Entry Level
      • Intermediate
      • Expert
      • Freelance/Consultant
  • Careers
  • Contact
Cyber Security Services, General

Kill switches in connected devices: the emerging risk leaders cannot ignore

December 3, 2025

Antonio Russu

Global Head Cyber Security

A driven and forward-thinking professional, Antonio Russu brings a strong blend of strategic insight, customer focus, and leadership excellence.

In many boardrooms, cyber security conversations still revolve around ransomware, phishing and data breaches. But the potentially more damaging risk of remote kill switches is emerging.

Embedded in connected devices, from fleets to sensors, cameras, controllers and smart-city assets, kill switches aren’t vulnerabilities or configuration issues – they’re deliberate features built deep into firmware or hardware. And they’re designed to change how a device behaves, sometimes without the owner’s knowledge or control.

Because connected devices sit at the centre of expanding modern infrastructure, they mean that many organisations don’t fully control the technology they depend on.

A wake-up calls for senior leaders

In a worrying trend, kill-switch concerns are now emerging in systems that once seemed routine and dependable. It’s becoming clear that many connected devices contain undocumented or poorly understood remote-access pathways controlled by the manufacturer.

In the UK, for example, the Department for Transport and the National Cyber Security Centre are investigating whether hundreds of Yutong electric buses could be remotely disabled by their manufacturer, raising questions about operational control in public transport. Similar concerns have surfaced in mainland Europe, where unexplained behaviour in city camera networks has prompted deeper analysis of the underlying technology.

For senior leaders, the message is clear: If a device you depend on can be switched off remotely, it becomes a business-critical risk.

How kill switches impact your organisation

For senior decision-makers, the implications go beyond technical failure. Kill-switches have practical, business-level consequences that affect core parts of your business, including:

Operational disruption

A kill switch can instantly stop fleets, disable sensors or take surveillance networks offline. The operational impacts of this can mean outages across communication, grid stability and transport services.

Supply-chain dependency

Many “smart” devices rely on channels typically controlled by the vendor, such as SIM-enabled connectivity, remote diagnostics, firmware updates and always-on cloud services. These channels mean the device may contain a control pathway that you don’t own and can’t audit.

Regulatory pressure

NIS2, DORA and operational-resilience rules now expect leadership teams to understand and govern risks across their entire digital supply chain, including embedded behaviours inside connected devices.

Loss of trust and reputation

If regulators, partners or the public discover that essential systems could be remotely disabled, confidence in your organisation will erode quickly.

Governance blind spots

The biggest misconception is that kill switches are cyber attacks, but a kill switch can be a deliberate manufacturer-implemented function, hidden in firmware and extremely difficult to detect through traditional vulnerability assessments. This elevates the risk from a technical problem to a governance and assurance issue.

Understand your risk

Effectively addressing the risk of kill switches means assessing your organisation against all levels of risk, including accidental exposure, malicious software kill switches and malicious physical kill switches.

Kill Switch assessment checklist table

To assess your exposure across all three levels, follow a comprehensive kill-switch checklist, including:

Select an option
Inventory your assets
Ask tougher vendor questions
Simulate loss of control
Strengthen procurement
Align governance

Map connected devices across fleets, facilities and networks. Identify which have remote-management or OTA update capabilities.

Determine who holds credentials, how access is logged and whether remote commands can be isolated or disabled.

Run “kill-switch simulations” with engineering and risk teams to understand how systems behave when connectivity fails, remote commands stop responding or unknown device functions activate.

Build transparency requirements into contracts, with the ability to audit or lock down critical pathways and mandate disclosure of remote-access mechanisms and firmware behaviour, including fallback modes that maintain core operations.

Ensure cyber, operations and procurement teams understand the risk and address it collectively. Kill-switch exposure should feature at board or C-suite level, tied into operational-resilience and continuity plans.

Go beyond conspiracy to effectively mitigate risk

There are several misconceptions about kill switches, including the idea that entire fleets could be shut down at once, that all kill switches are malicious or that the issue relates to one country. Remote-access paths may exist, but wide-scale shutdowns require specific conditions. Many channels support diagnostics or updates, and the real risk comes from misuse or exploitation. Scrutiny now extends across multiple regions.

Managing the risk means moving beyond these myths. It demands senior-level engagement and awareness that kill switches post a structural risk that can undermine operational continuity, regulatory compliance and public trust.

Kill switches in modern connected systems aren’t science fiction. Recent cases show how quickly a maintenance feature can become an existential point of failure. And by the time a kill switch activates, it may be too late to mitigate the harm this can cause.

Securing your organisation means treating kill-switch risk as an operational priority, not an afterthought.

How Resillion can help

At Resillion, we help organisations identify and address hidden kill-switch risks. Our work combines device-level assessment, firmware analysis and operational resilience planning. Drawing on practical experience, including investigations into anomalous behaviour in city camera networks, we help organisations:

  • clarify whether kill-switch logic exists
  • identify who controls it
  • simulate activation scenarios
  • design fallback modes that keep services running
  • strengthen procurement and supply-chain governance

Visit our cyber services web pages to find out how Resillion can help you to gain the clarity and assurance needed to protect essential operations and strengthen long-term resilience.

 

WEBINAR

Supercharging AI assurance with Test Data Automation

Is your test data ready for scalable AI assurance under NIS2?
Watch the recording
Webinar ad  SUPERCHARGING AI Watch the recording

Related Insights

Providing solutions in a unified, structured approach across all critical domains to enable end-to-end quality.

Insights
Person holding a glowing business timeline with plan, build, launch, and scale milestones
July 1, 2026

Resillion wins CloudPay contract to deliver integrated security assurance

Read more
91% customer satisfaction for cybersecurity
June 16, 2026

Resillion achieves 91% customer satisfaction score for cyber security in Q1

Read more
Resillion
June 15, 2026

AI meets Live TV testing for a leading telecoms provider

Read more
Blog ads. data center jpg
June 15, 2026

Why database cloning for testing no longer works

Read more
IFa event 05
June 13, 2026

Let’s meet at IFA Berlin 2026

Read more

Get in touch

Providing solutions in a unified, structured approach across all critical domains to enable end-to-end quality – Because we’re the only ones who can.

Software testing specialist

Our accreditations and certifications

living-wage-employer CREST logo for cybersecurity services including vulnerability assessment, penetration testing, and SOC capabilities NCSC CHECK Penetration Testing logo representing cybersecurity assessment and penetration testing standards Approachable Registered ISO 27001 certification logo representing information security management standards Approachable Registered ISO 27001 certification logo representing information security management standards CCV Cyber Pentest certification logo representing cybersecurity testing and penetration testing standards Cyber Essentials logo for cybersecurity certification and security compliance Cyber Essentials Plus logo for cybersecurity certification and security compliance EPI Logo primary positive RGB scaled Europrivacy living-wage-employer CREST logo for cybersecurity services including vulnerability assessment, penetration testing, and SOC capabilities NCSC CHECK Penetration Testing logo representing cybersecurity assessment and penetration testing standards Approachable Registered ISO 27001 certification logo representing information security management standards Approachable Registered ISO 27001 certification logo representing information security management standards CCV Cyber Pentest certification logo representing cybersecurity testing and penetration testing standards Cyber Essentials logo for cybersecurity certification and security compliance Cyber Essentials Plus logo for cybersecurity certification and security compliance EPI Logo primary positive RGB scaled Europrivacy
living-wage-employer CREST logo for cybersecurity services including vulnerability assessment, penetration testing, and SOC capabilities NCSC CHECK Penetration Testing logo representing cybersecurity assessment and penetration testing standards Approachable Registered ISO 27001 certification logo representing information security management standards Approachable Registered ISO 27001 certification logo representing information security management standards CCV Cyber Pentest certification logo representing cybersecurity testing and penetration testing standards Cyber Essentials logo for cybersecurity certification and security compliance Cyber Essentials Plus logo for cybersecurity certification and security compliance EPI Logo primary positive RGB scaled Europrivacy living-wage-employer CREST logo for cybersecurity services including vulnerability assessment, penetration testing, and SOC capabilities NCSC CHECK Penetration Testing logo representing cybersecurity assessment and penetration testing standards Approachable Registered ISO 27001 certification logo representing information security management standards Approachable Registered ISO 27001 certification logo representing information security management standards CCV Cyber Pentest certification logo representing cybersecurity testing and penetration testing standards Cyber Essentials logo for cybersecurity certification and security compliance Cyber Essentials Plus logo for cybersecurity certification and security compliance EPI Logo primary positive RGB scaled Europrivacy
Resillion logo no strapline CMYK 4 white

24×7 Cyber Incident Response

+44 (0)330 223 0724

Email

[email protected]

Follow us

LinkedIn Icon YouTube Icon

Newsletter

© 2026 Resillion
  • Website Privacy Policy
  • Cookie Policy
  • Reporting bugs and vulnerabilities
  • Complaint Policy
  • ESG at Resillion
  • Modern Slavery Policy
  • Sitemap
GA4 Proxy: JS Loaded