Cyber Threats: New and Old

Legacy cyber security threats:

In the month of Oct-Nov 2025, Jaguar Land Rover (JLR) was victim of a cyber attack which caused massive disruption in the daily activities of the company. JLR is the second largest employer in Britain after the British government. The British government was forced to loan billions of pounds to JLR to prevent the company from collapsing. These kinds of targeted attacks will only increase in the future and they have the potential to cause havoc in society.

German companies have also faced similar attacks in the past. More awareness about cybersecurity, external verification & validation of cyber security measures in companies, coordination with law enforcement agencies to streamline sharing of information is required (BSI – Presse – Broschüre erklärt Cybersicherheit für kleine und mittlere Luftfahrtunternehmen).

Cyber attacks on critical infrastructure: Citizen services ( e.g: Registration of home address, registration of new companies, social security process, electricity, gas, water networks etc) moving online. Malicious actors will either try to take down or game the system (Einfache Mittel, große Wirkung: Kritische Infrastrukturen im Visier).

Data Poisoning: All GenAI models require data for training, test & validation. Many companies scrape the internet for data as a quick, easy and cheap alternative to actually recording the data in the real world. However, this methodology also exposes companies and entities to a significant risk. Malicious actors can use adversarial machine learning techniques to insert very carefully “engineered” patterns into visual & audio data to fool AI classifiers.
These patterns are completely invisible or inaudible to humans and can only be perceived by AI classifiers. Training or validating AI classifiers with this poisoned data will cause AI classifiers to generate incorrect decisions which in turn could lead to extremely disastrous consequences specifically in the context of safety critical systems (e.g: automotive, aerospace, medical imaging etc).
This problem requires the development of SW tools to detect and remove adversarial noise and other malicious artifacts in data which could mislead Gen AI models and force them to generate incorrect output.

Create a special working group with focus on Cyber Security in the traditional sense (mitigation of hacking, phishing scams) and also in the context of Gen AI (Data Poisoning, Model Backdoor attacks etc). Here we shall collaborate with BSI (Bundesamt für Sicherheit in der Informationstechnik) and also the Landeskriminalamt and Bundeskriminalamt.
EEU as a group of technical experts will identify gaps in core areas where currently there is a dependency on technologies from companies based outside the EU. EEU will also work as an active networking platform where member companies will be encouraged to form alliances and partnerships to develop technologies which are currently not available inside the EU.