
As part of its analysis of Germany’s overall cybersecurity situation, the BSI also evaluates vulnerability and incident reports in the automotive industry. In the period from February 2024 to March 2025, 107 such reports were processed in this context, with the majority of the cases considered requiring physical access to the affected component or at least physical proximity to the vehicle, e.g. in the case of attacks via Bluetooth or Wi-Fi. In 18 reports, vulnerabilities were described that could also be exploited via the Internet. Overall, the BSI recorded an increase in vulnerabilities in manufacturer software and external applications.
According to the information available to the BSI, exploitation of the vulnerabilities mentioned with a criminal background is currently rather rare in the vehicle context. Further threats arise in connection with cyber dominance, i.e. the possibility of exerting influence through digital products that give manufacturers access to information and functions.
In addition, against the backdrop of current geopolitical conflicts, complicated supply chains increase the attack surfaces of vehicles and transport infrastructure. Furthermore, new ways of attacking AI components and vehicle sensors through manipulative inputs also entail new risks. With regard to the usually long life cycles of both vehicles and transport infrastructure, the migration to new cryptographic processes that are resistant to the potentially growing threat from quantum computers is also an important task.
BSI Vice President Thomas Caspers: “The digital attack surfaces in the automotive sector are growing rapidly. A trusting exchange of information between companies, research institutions and authorities is of crucial importance, not only for cyber security in road traffic, but also with regard to the digital sovereignty of Germany and Europe. Cybersecurity must be seen as a driver of innovation within the digitalized automotive industry – especially if the principles of security by design and security by default are consistently implemented. As Germany’s cybersecurity authority, the BSI offers manufacturers and their customers comprehensive information, assistance and exchange formats in this regard.”
– – – – – –
Further links
👉 www.bsi.bund.de
Photo: pixabay