Model Poisoning and AI Manipulation: New Cyber Risks Reach the Automotive Industry
12 March, 2026
A new report by Upstream Security warns that AI integration in connected vehicles is opening new cyberattack vectors, as incidents in the sector surged to 494 in 2025
Artificial intelligence is rapidly becoming a core technology in the transportation industry. Automakers and technology companies are integrating AI systems into autonomous driving platforms, advanced driver-assistance systems (ADAS), fleet management, and smart services within connected vehicles. Advanced models are trained on massive volumes of driving and sensor data to improve driving performance, optimize operations, and enable new smart mobility services.
However, alongside these technological benefits, the rise of AI is also creating a new layer of cyber risk.
According to the annual report by Upstream Security, which maps cyber threats across the automotive and smart mobility ecosystem, the accelerated integration of artificial intelligence into transportation systems is introducing a new range of attack vectors. This year marks the eighth edition of the report, which places particular emphasis on emerging risks associated with AI technologies.
The report is based on an analysis of 494 publicly reported cyber incidents recorded in 2025, as part of a database of 2,371 incidents documented since 2010, alongside intelligence gathered from deep- and dark-web sources and monitoring of about 1,996 active threat actors in the field.
Researchers note that “AI is reshaping the cyber landscape for automotive and smart mobility.” According to the report, AI systems are now integrated across multiple layers of the mobility ecosystem—from development environments and cloud services to vehicle applications and customer-facing services—meaning that vulnerabilities in models or surrounding interfaces can become entry points for attackers. The report also warns that AI is not only a target of attacks but increasingly a tool used by attackers themselves. It estimates that roughly 80–90% of cyber operations worldwide can already be executed autonomously by AI, enabling attacks to be carried out at far greater scale and speed than before—a trend likely to affect smart mobility systems as well.
Manipulating Driving Models
One of the key threats highlighted in the report is Prompt Injection attacks, in which an attacker feeds malicious input into an AI system to manipulate the model. According to the report, the risk is particularly relevant for AI systems integrated into cloud services, vehicle applications, and customer service platforms—systems that accept text or voice input from users or other services. In such cases, attackers can craft malicious inputs designed to trick the AI into performing unintended actions, bypassing authorization mechanisms, or exposing sensitive information.
The report also highlights additional risks associated with AI systems, including training data poisoning, sensitive data exposure, and model manipulation. Researchers note that the integration of large language models into mobility services creates new vulnerabilities, writing that “LLMs are being integrated across development, operations, and customer-facing mobility services, introducing new vulnerabilities.” The weakness may arise not only during model deployment but throughout the model lifecycle. In the case of training data poisoning, attackers may attempt to influence the datasets used to train models—either by inserting malicious data into data repositories or through external systems and third-party services that supply data to AI systems. The report also points to risks such as sensitive information leakage through models connected to enterprise systems, manipulation of models through crafted inputs, and attacks designed to disrupt the operation of the model itself. In connected mobility environments—where AI models operate alongside cloud services, APIs, and operational platforms—a vulnerability in one component can become a broader entry point into vehicle and mobility systems.
Another risk stems from the broader ecosystem in which AI systems operate. Many of these systems rely on cloud infrastructure and software interfaces, meaning that a breach in one service could affect others. The report warns that the adoption of AI-powered third-party services “introduces new supply chain risks,” where vulnerabilities in external providers could potentially impact the systems of multiple automakers.
Cyber Attacks on the Rise
These concerns are reinforced by broader trends in cyber threats targeting the mobility sector. According to the report, 494 publicly reported cyber incidents were recorded in the automotive and smart mobility sector in 2025—nearly double the number recorded in 2024—as part of a dataset of more than 2,300 incidents documented since 2010. Ransomware attacks have become a major threat in the industry, accounting for 44% of incidents and often carried out by organized cybercrime groups.
The report also shows that most attacks do not require physical access to vehicles. About 92% of incidents are conducted remotely via the internet or communication networks, and many target the digital infrastructure surrounding vehicles. In practice, the primary attack surface is not necessarily the vehicle itself but the cloud systems and APIs connecting it to external services. Researchers emphasize that “backend servers and APIs remained the dominant exposure point” in connected mobility systems.
The nature of the damage is also evolving. Data breaches have become the most common impact of cyber incidents in the transportation sector, accounting for 68% of cases. Other incidents involve service disruption, system control, or digital fraud.
The report concludes that as artificial intelligence becomes more deeply embedded in mobility systems, the cybersecurity perimeter of the vehicle continues to expand. Protecting connected transportation will therefore require securing the entire ecosystem—from the vehicle itself to cloud infrastructure, software interfaces, and the AI systems increasingly powering modern mobility services.
Main image source: Upstream Security
Posted in: AI , Automotive , Cyber , News
Posted in tags: Upstream Security
