Measures to protect sensitive data are no longer sufficient when it comes to the security of connected vehicles. A “digital airbag” is needed, says Dr. Julian Weber. He is a member of the Advisory Board of the eco Mobility Competence Group, as well as a Senior Consultant for In-car Data, Cybersecurity & AI Association of the Automotive Industry (VDA). Why? He provides an initial overview of the topic in this interview. For deep-dive information, he will be giving a presentation on the Tech Stage at the eco Internet Security Days (ISDs) 2025 at the RheinEnergieSTADION.
What makes the “digital airbag” for connected vehicles so urgently necessary today?
Connected vehicles today are rolling IT systems with constant data exchange to back-ends, charging stations, car repair shops, etc. Each of these channels represents a potential attack vector. Fundamentally, with increasing automation, the need for software grows, and so does the attack surface. Cybersecurity is therefore no longer an additional function, but a basic prerequisite for the safe operation of motor vehicles.
How have attacks on vehicles changed in recent years?
Two effects overlap here: On the one hand, the availability and performance of hacking tools have increased significantly, lowering the barrier to entry and increasing the intensity of attacks. On the other hand, the motives for attacks have changed: political motivations play a much larger role today.
What’s at stake if a cyberattack targets not only data but the vehicle itself?
If attackers can access vehicle functions, it’s no longer just a matter of data protection, but of physical safety. Interference with steering, brakes or the powertrain could directly endanger human lives. Preventing this is at the heart of cybersecurity for connected vehicles. The fact is that there has not yet been a documented case of a vehicle hack resulting in personal injury.
What role does the VDA play in the European cybersecurity landscape – and where are the biggest hurdles?
The VDA brings together manufacturers, suppliers and IT experts to develop security standards and coordinate them with regulatory authorities to ensure effective and efficient implementation. The biggest hurdles lie in harmonising different legal frameworks and closing new vulnerabilities as quickly as possible.
What does comprehensive cybersecurity mean in practice? Do drivers need to retrofit their cars?
Comprehensive cybersecurity means that all vehicles have a level of security that corresponds to the current state of the art – regardless of model year or equipment. This is achieved through regular software updates by the manufacturer. As a rule, this happens “over the air”: drivers only need to start the installation of the updates in their vehicles.
More about cybersecure driving – in the deep-dive presentation on 16 September
If you would like to learn more about strategies for the “digital airbag,” you can listen to Dr. Julian Weber live and ask him your questions. His deep-dive presentation takes place on 16 September at 4 p.m., as part of the eco Internet Security Days (ISDs) 2025 at the RheinEnergieSTADION.
Find out more and register now!
