By Rob Vann, Chief Solutions officer at Cyberfort
26th May 2025
AI and cybersecurity are now intrinsically linked in the transportation sector. AI systems must be protected like any other critical asset and used defensively to enhance cyber resilience. Whether safeguarding autonomous vehicles, securing logistics chains, implementing zero-trust frameworks, or preparing for new regulations, the message is clear: cybersecurity is not optional in the age of AI-powered transport. Organisations that embrace this reality will not only avoid the devastating impact of cyberattacks but will also gain a competitive edge by building systems that are secure, intelligent, and resilient by design.
Vulnerability Assessment of Autonomous Vehicles
Autonomous vehicles (AVs) are among the most high-profile applications of AI. These systems rely on complex sensor arrays, deep learning models, and edge computing to make split-second driving decisions. Ironically, this life-saving mitigation of human error through enabling support and autonomy also introduces novel vulnerabilities, requiring different and iterated defensive approaches and techniques to be intertwined with the traditional “do the basics well” approach.
Before we even consider sophisticated attacks, AVs interacting with our physical world face a number of environmental and malicious risks. For example, an attacker physically interfering with road signs on a new road could create subtle manipulations of sensors where GPS data is not available to confirm an upcoming hazard through other systems. Autonomous parcel delivery systems regularly “fall” off kerbs and ironically must be “rescued” by kind-hearted human passersby. This is especially a challenge within the UK, where environments such as kerb heights and pavement widths are often many years old and hence do not have the consistency of more modern planned town layouts in the US.
Laws and environmental changes mean that AVs must be trained, consider, understand, and respond to the actual geographies that they are currently operating in.
Furthermore, in a simple system, “falling back” to a baseline operating level is often an option. When you lose GPS, you follow the signs; when an assisted vehicle is operating in heavily adverse weather conditions, the system notifies the driver it is no longer steering, braking, or accelerating, and the driver resumes control. In a truly autonomous transportation system, these failsafe’s must be carefully considered to encompass all possible outcomes safely and effectively.
The transition to fully autonomous vehicles is another area for consideration. As drivers, we are taught to avoid confrontation; if people are tailgating us, we let them pass and drop back. However, as the percentage of autonomous vehicles increases, inconsiderate or dangerous drivers may “force” AVs to take evasive action, which then creates a chain reaction across the AVs surrounding it.
Beyond these “simple” potential challenges (which must be understood, predicted, tested, and mitigated), there’s also the risk of remote code execution to manipulate AVs’ driving behaviours. If a malicious actor gains access to over-the-air update systems, navigation modules, or vehicle-to-infrastructure (V2I) communication channels, they could cause significant disruptions.
To safeguard autonomous vehicles, a layered security approach is essential. This includes AI robustness testing, where models are trained and tested against adversarial inputs across all geographies, systems, and environments they may interact with. Code signing and secure bootloaders ensure that only authenticated software is installed or run. Real-time anomaly detection uses AI to monitor vehicle behaviour for anomalies such as unexpected lane changes, deviations from logistics routes, loss of centralised connectivity, or communication spikes. Additionally, isolating safety-critical systems by separating AI decision-making from infotainment, customer announcements, and other third-party applications limits exposure and enhances security.
Ultimately, cybersecurity for AVs must be treated as a primary secure-by-design requirement, not an afterthought.
Securing AI-Powered Supply Chains
Supply chain attacks span all areas of technology, from compromising core code in autonomous vehicles to transport-specific workflows. Modern logistics networks rely heavily on AI for forecasting, routing, inventory management, and robotic automation, creating extended attack surfaces and inconsistent security postures. AI models trained on sensitive data can be targeted for model inversion attacks, leading to compromised decision-making that reroutes shipments, delays deliveries, or triggers fraudulent inventory movements. Attackers may exploit IoT endpoints, such as connected sensors in logistics warehouses, to deploy ransomware or other malicious agents.
Defensive strategies for AI-powered supply chains include understanding the vast and sprawling nature of supply chains, where small businesses often manufacture critical components but lack enterprise-level defences. End-to-end encryption ensures all data in transit is secure. Federated learning distributes AI training across multiple devices, decentralising data to reduce exposure and improve privacy.
Continuous model monitoring by both human and AI systems helps identify data drift, unforeseen use cases, and malicious inference. Threat intelligence sharing among logistics partners enhances detection of supply chain-wide threats. Cybersecurity in supply chains is now a boardroom priority that impacts physical operations.
Zero-Trust Architecture for Connected Transport
In zero-trust, no device, user, or system is inherently trusted—even if it’s inside the network. Instead, access is granted based on continuous verification of identity, device posture, and contextual risk. With vehicles, roadside infrastructure, and control centres all becoming interconnected, the need for a zero-trust approach in transportation is critical. Traditional perimeter-based security models are no longer sufficient, as the perimeter is constantly shifting, difficult to secure, and hard to monitor and respond to.
Zero Trust is a concept that is often discussed but rarely fully implemented. Critical components for transportation systems include micro-segmentation, which involves dividing networks and systems into separate zones to reduce lateral movement in case of a breach and mitigate the risk of single incidents spreading to impact the entire ecosystem. Identity-centric controls, such as multi-factor authentication (MFA), least-privilege access, and identity governance, are essential. Behavioural analytics play a key role in Zero Trust by using AI to identify deviations in access patterns or operational behaviour.
Policy automation, driven by AI, dynamically adapts access controls based on real-time risk assessments, ensuring a robust and responsive security posture. In transportation, we should remember that a Zero Trust Approach doesn’t just improve a system’s defensive posture, it boosts operational resilience and improves performance by containing incidents as early as possible, before they spread across complex transport ecosystems.
Regulatory Horizons
As the transportation industry evolves, so too does its regulatory landscape. Governments and international bodies are responding with updated mandates around cybersecurity, AI ethics, and data privacy. Within a global supply chain supporting the development and rollout of AVs, the platforms and systems are often common, but regulatory frameworks, legal requirements, areas of responsibility, and regulatory fines are more often territory or country-driven. These include privacy, security, design, and safety, and care should be taken to consider the systems’ likely and possible use areas rather than defaulting to primary sold markets.
Examples of regulation include UN Regulation No. 155 (Cybersecurity Management System), which now applies to all new vehicle types sold in many countries and mandates robust cybersecurity risk management for automakers. The EU’s NIS2 Directive expands security obligations for operators of essential services, including transportation. In the UK, the Automated Vehicles Act sets a legal framework for self-driving vehicles and their use within the UK, projected to be in use on public roads from 2026. In the US, the National Highway Traffic Safety Administration (NHTSA) has proposed a voluntary program and is expected to introduce AI-specific safety standards for autonomous driving systems.
Organisations can stay ahead of compliance by conducting comprehensive cybersecurity maturity assessments, implementing AI compliance standards and ethics frameworks to ensure fairness and explainability, and participating in public-private collaboration initiatives to stay informed on evolving threats and best practices. Regulatory alignment isn’t just about avoiding penalties; it builds trust with customers and stakeholders to enable maximum leverage and minimum exposure in a high-risk, high-reward industry.
Real-World Examples
AI driven ransomware attack on logistics company
Recent incidents underscore the importance of robust cybersecurity measures in transportation. These include the disruption of AVs, targeting of customer information and safety systems, and logistics system.
Autonomous Vehicle Confusion
Autonomous vehicle confusion has been demonstrated through two intriguing proofs of concept. Firstly, researchers have shown that Tesla’s AI vision system can be deceived using adversarial examples on the road, such as fake lane markings or speed limit signs. This underscores the necessity for robust sensor fusion and constant validation of model outputs to ensure safety and reliability.
Secondly, an experiment conducted by one of Cyberfort’s own resources involved adding a 60mph speed sign to the rear window of a car. On private land, a semi-autonomous vehicle was driven past the parked car. This experiment was repeated with three different vehicles, and it was observed that two of the vehicles quickly accelerated to address the perceived speed limit change from 5mph to 60mph, while the third vehicle remained unaffected. These results were consistently replicated, highlighting potential vulnerabilities in autonomous vehicle systems and the importance of continuous improvement in AI robustness and sensor accuracy. These findings illustrate the critical need for ongoing advancements in autonomous vehicle technology to mitigate risks and enhance the reliability of AI-driven systems on the road.
Key Lessons
To ensure robust cyber resilience, it’s crucial to adopt a holistic security approach that encompasses everything from physical sensors to cloud-based analytics platforms. Defensive AI technologies, such as behavioural analytics, anomaly detection, and automated response systems, play a vital role in identifying and containing threats in real time. However, the growing threat of offensive AI, which attackers use for reconnaissance, phishing personalisation, and identifying zero-day vulnerabilities, underscores the need for continuous vigilance and advanced security measures.
