As featured in Help Net Security: Cybercriminals have built a business on YouTube’s blind spots

The barrier to entry for deepfake fraud has collapsed. What used to require technical expertise, expensive software, and significant time now takes minutes with free AI models and a laptop.

This is a real and current day threat, one that cybercriminals have turned platforms like YouTube into profitable attack vectors.

In a recent Help Net Security article, our CEO Camellia Chan weighs in on how organisations need to respond to the industrialisation of deepfake scams. The piece examines how YouTube’s 2.53 billion users have become targets for AI-powered fraud that traditional security controls simply were never designed to stop.

YouTube Has Become a Business Opportunity for Cybercriminals

The article highlights several large-scale operations exploiting YouTube’s trust infrastructure:

The “Ghost Network” malware campaign involved over 3,000 videos uploaded to fake or hijacked channels. These videos promised cracked software or game hacks, but instead delivered phishing pages and malware downloads. By the time YouTube’s moderation team flagged them, thousands of users had already been compromised.

Deepfake crypto scams have weaponized the likenesses of public figures like Elon Musk, Donald Trump, and Nvidia CEO Jensen Huang to promote fraudulent investment schemes. In one case, a fake Nvidia GTC livestream featuring a deepfake of Jensen Huang drew approximately 100,000 viewers and ranked above the official stream in search results before being taken down.

Hijacked verified channels are being repurposed at scale. Scammers buy or compromise established YouTube accounts with followers and algorithmic trust, then keep the verification badge while flooding the channel with AI-generated scam content. Users see the blue checkmark and assume legitimacy – exactly what attackers are counting on.

As the article notes, researchers found that scammers are even hijacking legitimate business accounts – like a Norwegian design agency’s Google Ads account – to run sophisticated phishing campaigns that mirror official TradingView branding, complete with verified badges and pixel-perfect layouts.

The Economics of Deepfake Fraud Are Accelerating

The financial impact is staggering. According to Deloitte research cited in the article, GenAI-driven fraud losses in the United States are projected to reach $40 billion by 2027, up from $12.3 billion in 2023. That’s a 225% increase in just four years.

This surge is directly tied to the commoditisation of deepfake technology. What was once the domain of nation-state actors and well-funded criminal organisations is now accessible to anyone with an internet connection. Free tools, open-source models, and “deepfake-as-a-service” platforms have turned synthetic media creation into a scalable, low-cost operation.

The article points out that scammers no longer need Hollywood-level production quality. They just need content that’s convincing enough to fool someone for 30 seconds – the time it takes to click a malicious link, download malware, or authorize a fraudulent transaction.

Traditional Security Controls Aren’t Built for This

Now here is the uncomfortable truth: your firewall doesn’t filter synthetic media. Your email gateway doesn’t scan YouTube videos. Your endpoint protection doesn’t flag a tutorial that looks legitimate but delivers ransomware.

The attack surface has expanded beyond the network perimeter into content platforms, social media, and communication channels that employees use every day. And because these threats don’t rely on traditional malware signatures or network anomalies, they slip past conventional defenses undetected.

As our CEO Camellia Chan told Help Net Security: “Treat deepfakes like any other cyber threat and apply a zero-trust mindset. That means don’t assume anything is real just because it looks or sounds convincing.”

This philosophy is at the core of how X-PHY approaches synthetic media detection. Zero-trust can’t stop at authentication and access control anymore. It has to extend to every piece of content your organization encounters – video, audio, images, and documents.

What 2026 Will Bring (And Why You Need to Prepare Now)

The Help Net Security article projects that scam activity on YouTube will continue to rise in 2026 as AI tools become even more accessible and affordable. Here’s what security leaders should expect:

• Faster, cheaper production means more scams will reach wider audiences before platforms can respond
• Coordinated networks of fake creators will post, comment, and interact with each other to appear authentic and game algorithmic recommendations
• More hijacked channels with established audiences and trust will be weaponized for malware distribution and fraud
• Deepfakes of public figures will drive a new wave of investment scams, disinformation campaigns, and brand impersonation attacks

Reactive content moderation cannot scale to meet this threat. By the time human reviewers flag and remove malicious content, the damage is already done – systems are compromised, money is stolen, and trust is eroded.

The X-PHY Approach to Deepfake Detection

At X-PHY, we have built our deepfake detection solution on a simple premise: if the threat operates at the speed of AI, your defenses need to as well.

X-PHY Deepfake Detector uses multi-modal AI to analyse synthetic media in real time. Enabling:

1. Real-time detection of AI-generated video, audio, and images without relying on cloud connectivity or external APIs
2. On-device processing that works in high-security, air-gapped environments where traditional SaaS solutions can’t operate
3. Zero-trust verification that treats all content as untrusted until proven authentic—no assumptions based on source, verification badges, or visual quality

The Path Forward: From Awareness to Action

The Help Net Security article makes clear that deepfakes aren’t a niche threat or a distant concern anymore. Deepfakes are a present, profitable, and rapidly scaling attack vector that’s already costing organizations billions.

Security awareness training won’t solve this. Telling employees to “be vigilant” or “look for red flags” is insufficient when the fakes are pixel-perfect and contextually flawless. You can’t train humans to outperform AI-generated deception.

Instead, organisations need to:

1. Expand their threat model to include synthetic media as a critical attack vector across email, collaboration tools, social platforms, and public content
2. Implement zero-trust principles for content verification – not just network access and authentication
3. Deploy autonomous detection across the stack that operates at the speed and sophistication of the attacks themselves
4. Build incident response capabilities specifically designed to handle deepfake scenarios, including brand impersonation, executive fraud, and synthetic media manipulation

Want to learn more about how X-PHY Deepfake Detector works? Schedule a demo or technical briefing with our team here.

But with convenience comes hidden risks. Employees may unknowingly expose sensitive corporate data when using GenAI tools, creating new avenues for insider threats.

In a recent Forbes Technology Council article, our CEO & Co-founder Camellia Chan explains why the solution is not to ban GenAI in the workplace. Instead, organisations need to fix the risks, not the tool.

Key Highlights from the Article

1. Shadow AI creates insider threats: Well-intentioned employees often use GenAI on personal accounts, but this “shadow AI” usage can leak sensitive data outside IT’s visibility.
2. Traditional defenses fall short: Software-based tools like DLP and behavioral analytics are essential, but they can miss risks – especially when compromised credentials make malicious activity look legitimate.
3. Hardware-level zero trust is the missing piece: Embedding security directly at the physical layer, within the memory storage, enables autonomous, real-time defense. By detecting unusual activity such as mass data transfers – even after a breach – hardware-level security stops threats before data escapes. 
4. A holistic strategy is needed: The path forward is not banning GenAI but creating a GenAI-aware security strategy that blends governance, employee education, monitoring, and hardware-based protection.

Explore how X-PHY brings this vision to life with our patented AI-embedded hardware security solutions, available now on our X-PHY eStore.

Read the Full Article: Fix the Risk, Don’t Ban the Tool: How To Secure GenAI At Work on Forbes.

1. A breach has already happened
2. Many more are still vulnerable

That’s exactly what happened on July 19, when Microsoft issued an urgent alert about two zero-day vulnerabilities.

At the time of writing:

On July 19 2025, Microsoft issued an urgent alert for two zero-day vulnerabilities affecting on-premises SharePoint servers, now tracked as CVE-2025-53770 and CVE-2025-53771, and collectively dubbed ToolShell. These vulnerabilities do not impact SharePoint Online but pose a severe risk to organizations running on-prem SharePoint instances.

1. CVE-2025-53770 enables unauthenticated remote code execution (RCE) by exploiting unsafe deserialization, allowing attackers to gain complete control of compromised servers. It carries a critical CVSS score of 9.8/10 and is already being actively exploited in global campaigns targeting government, telecom, and software sectors.
2. CVE-2025-53771 is a spoofing/path traversal vulnerability allowing attackers to bypass authentication via improper header validation. When chained with the first vulnerability, it enables the full ToolShell exploit chain.

The ToolShell attack chain has been used to:

1. Gain access, steal credentials, and in some cases, deploy ransomware
2. Extract sensitive cryptographic keys
3. Use in-memory payloads that evade traditional defenses by avoiding file-based artifacts

Researchers and Microsoft have identified three active attack clusters using evolving tactics and payloads to avoid detection. Microsoft has released emergency out-of-band patches for SharePoint Subscription Edition and 2019 (with 2016 patches pending). 

Security agencies urged immediate patching, key rotation, and enhanced endpoint monitoring.

In short, ToolShell is an evolving, active, and critical threat to on-prem SharePoint deployments.

By the time Microsoft’s alert went out, the first wave of breaches had already begun on July 18, with hackers planting shells that leaked sensitive key material. Even after patching, stolen keys could allow attackers to impersonate legitimate users, making this far more dangerous than a typical “update and you’re safe” incident.

In a comment to Security Boulevard, our CEO, Camellia Chan, shared, “No amount of patching or perimeter defense can guarantee safety when trust assumptions are baked into software architecture. Organizations need to embed protection directly in hardware to close the gap software alone can’t.”

Cybersecurity agencies in the U.S., Canada, and Australia warned that this is not a “patch-and-forget” problem. 

Experts recommend:

1. Patch immediately, but never assume you’re safe
2. Investigate for compromise both before and after updates
3. Harden defenses with zero-trust, hardware-level protections that detect and block threats in real time

The ToolShell campaign is a wake-up call for anyone running exposed on-premises systems. 

Read the full article on Security Boulevard here: https://securityboulevard.com/2025/07/hackers-exploiting-microsoft-flaw-to-attack-governments-businesses/

To learn more about how our solutions can support your cybersecurity strategy, drop us a message at info@x-phy.com, and let’s get started!

How have attackers used deepfakes in real-world incidents, even if hypothetically, and how plausible are those tactics becoming?

We’ve already seen deepfakes used in everything from financial fraud to political disinformation. One of the more alarming trends is impersonation scams, where attackers use synthetic audio or video to pose as CEOs or politicians.

A notable example occurred in Hong Kong in 2020, when a bank manager was tricked into transferring $35 million after receiving a phone call from someone he believed to be a company director. The fraudster used AI-based voice cloning to perfectly mimic the executive’s voice, and backed up the request with convincing emails and documentation. This case was one of the earliest and most high-profile examples of deepfake voice fraud in the financial sector.

This is just one example, but recently I’ve seen an increasing number of reports where companies were tricked into transferring large sums of money based on deepfaked video calls – some of our partners, customers, and even my internal staff have highlighted this as a concern. So clearly, these are no longer hypotheticals – they’re happening now, and the tools to create them are increasingly accessible.

The tactics are highly plausible because they exploit our trust in visual and auditory information. Remember the saying, seeing is believing? We can’t even say that anymore. As long as people rely on what they see and hear as evidence, these attacks will be both effective and difficult to detect without the right tools.

What role does AI play in defending against deepfakes? Are there promising models or architectures specifically designed for this?

AI is both the problem and the solution when it comes to deepfakes. On one hand, it powers the creation of synthetic media. On the other hand, it’s our best line of defense. Advanced machine learning models, especially multi-modal AI, are becoming increasingly effective at spotting subtle, sophisticated signs of manipulation – from unnatural blinking and facial inconsistencies to mismatched audio-visual cues. The value of using AI lies in its ability to provide protection in real-time, with better privacy and faster response times – crucial as threats become more targeted and dynamic.

Some promising AI models used are Convolutional Neural Networks (CNNs), Long Short-Term Memory networks (LSTMs) and Gated Recurrent Units (GRUs). CNNs are used to analyze minute details in visual data, LSTMs and GRUs are memory-based AI models to track audio-visual syncing.

Deepfake detection is also increasingly being integrated into broader security ecosystems, where every layer – from hardware to data to content – acts as a checkpoint for authenticity, adding a vital layer of trust. By combining deepfake detection with robust endpoint security, organizations can ensure that every device is equipped to verify the integrity of digital communications quickly, privately, and without the need to transmit sensitive content to the cloud.

How should organizations update their incident response plans to include deepfake scenarios?

Treat deepfakes like any other cyber threat and apply a zero-trust mindset. That means don’t assume anything is real just because it looks or sounds convincing.

Update your response plan to include steps for verifying video or audio content, especially if it’s being used to request sensitive actions. Build a risk model that considers how deepfakes could be used to target critical business processes, such as executive communications, financial approvals, or customer interactions. Make sure your team knows how to spot red flags, who to alert, and how to document the incident.

Use detection tools that can scan media in real time and save flagged content for review. The faster you can identify and act, the more damage you can prevent. In today’s environment, it’s safer to question first and trust only after you verify.

What internal policies should organizations put in place to mitigate the risk of deepfake attacks?

Organizations should put clear policies in place around verification, detection, and escalation. Any sensitive request – involving money, credentials, or confidential data – should require extra verification, like a call-back or secondary approval.

Deepfake awareness should be built into regular training so employees can spot warning signs early. Utilizing the detection tools to support teams by scanning and flagging suspicious media in real time, helping them make faster, safer decisions.

Incident response plans must also cover how to escalate, preserve evidence, and communicate if a deepfake is suspected.

At the end of the day, questioning unusual communications must become the norm, not the exception.

Is there a risk of liability or compliance exposure if a company falls victim to a deepfake? How should that be factored into planning?

Yes, absolutely – especially if data is leaked or money is lost. Regulators expect companies to take reasonable steps to prevent this kind of fraud. Under laws like the EU’s Digital Operational Resilience Act (DORA), organizations have a duty to protect personal data and ensure operational resilience against cyber threats. A failure to anticipate or guard against deepfake-driven attacks could increase the risk of liability, fines, and reputational damage.

That’s why it’s important to include deepfakes in your cybersecurity and risk planning. Work with your legal team, update your processes, and make sure your systems and staff are ready. If something does happen, you want to be able to show you took it seriously and were prepared.

This article was published on Help Net Security: https://www.helpnetsecurity.com/2025/05/16/camellia-chan-x-phy-defending-against-deepfakes/

To learn more about how our solutions can support your cybersecurity strategy, drop us a message at info@x-phy.com, and we’ll get right back to you!

AI-generated deepfakes are a pressing threat. The ‘innovation’ of cyberthreats keeps evolving and the growth of deepfakes has been exponential. Deepfake content on social media alone grew 550% between 2019 and 2023 and there will be an estimated 8 million deepfakes circulated in the UK in 2025. With the World Economic Forum stating that it is a key global risk, this is something CIOs and business can’t ignore.

Deepfakes are AI-generated depictions of real-life people and as AI has improved, so has its capability to produce even more believable ‘individuals’. At a time when there is more available content online than ever before, AI has a richer selection of assets to use to recreate voices and likenesses of people. These fake identities can then be introduced into virtual meetings, phone calls, or even training videos. 

Deepfakes exploit human trust

What makes deepfakes particularly dangerous is their ability to bypass traditional security defenses. They’re designed to exploit human trust – our natural tendency to believe what we see and hear. It is often said that ‘seeing is believing’, but those days are at risk.

Deepfakes have already caused havoc in the political space. For example, a fabricated audio clip of London Mayor Sadiq Khan almost led to serious public unrest as it showed ‘him’ making inflammatory remarks ahead of Armistice Day.

Similarly, 25 million dollars was stolen from an engineering company after hackers used “a digitally cloned version of a senior manager to order financial transfers during a video conference.”

Seeing is not believing

The majority of employees recognise that an odd-looking email from the CEO asking for vouchers is likely a scam. In a moment of busyness, it might still fool people, but many can spot a poorly created scam phishing attempt. However, deepfakes require an entirely different level of cynicism. You can no longer assume anything is real just because it looks or sounds convincing.

Policies and response plans need to be updated to reflect the appearance of deepfakes, incorporating steps for verifying video or audio content:

1. Establish clear policies: implement policies for the verification, detection, and escalation of deepfake threats.
2. Verify sensitive requests: any request involving money, credentials, or confidential data should always be subject to extra verification (e.g., via a call-back or secondary approval).
3. Adapt risk models: update risk models to consider how deepfakes could target critical business functions, such as executive communications, financial approvals, or customer interactions.
4. Incorporate deepfake awareness: include deepfake recognition in regular cybersecurity training to help employees identify red flags and understand the scope of the threat

However, any organisation that leaves any of its cybersecurity posture down to human judgment will eventually suffer a breach.

AI is key to an all-encompassing cybersecurity posture  

AI is both the issue and the cure. As deepfakes become more believable and lifelike, AI on the ‘other side’ is improving at spotting what is real and what isn’t. Innovative ML models, multi-modal AI especially, is becoming highly effective at spotting the telltale signs of a deepfake – including unnatural blinking, facial inconsistencies, or mismatched audio-visual elements – factors that can easily deceive the human eye.

Yet, not all deepfake detection solutions have been created equal. Adopt one that is zero trust, application-agnostic and can detect deepfakes in real-time, especially on leading platforms like Teams, Zoom, Webex, Chrome, YouTube, and Meta. Also consider ease of adoption, prioritising seamless deployment with flexible options that suit varying enterprise needs. Every endpoint needs to be protected, and solutions that can be installed as a lightweight software agent on personal computers and laptops, or packaged with secure SSDs create a unified defence layer that spans data protection, ransomware prevention, and deepfake detection. 

Ultimately, for businesses to be truly secure from deepfakes, they need to start by defending the hardware and then expanding to establish a multilevel posture that monitors, flags and secures at every level. Adopting a secure-by-design approach is crucial. By deploying solutions that embed AI-driven security features into hardware and endpoints, businesses can ensure systems are operating and defending round the clock, even without the broader protection of a corporate network.

This article was published on CIO Influence: https://cioinfluence.com/security/do-stop-believing-deepfakes-journey-to-be-the-new-cybersecurity-threat/

To learn more about how our solutions can support your cybersecurity strategy, drop us a message at info@x-phy.com and we’ll get right back to you!

CrowdStrike is currently facing multiple lawsuits following the July 2024 outage. Angry customers are seeking compensation for extensive disruptions and financial consequences incurred due to the incident. Its widespread impact has also resulted in a class action lawsuit being filed against the company for negligence.

Although the issue was reversed within 79 minutes, the recovery process was complex and time-consuming. A quick fix was not possible here.

The incident begs the question: how reliable and stable are software security solutions in keeping us protected at all times? When the reason for acquiring software security is to enhance your operations and protect your organization, organizations can ill-afford disruptions coming from the security provider.

As the dust settles, cybersecurity experts must advocate for a change in how organisations approach risk management and security solutions. While this event was not a cyberattack, it has underlined the vulnerabilities in software-dependent security measures and the need for a more holistic approach to cybersecurity.

The possibility of disruptions resulting from software defects or update problems becomes a major issue as companies depend more and more on software solutions to guard their digital assets. The CrowdStrike outage, which led to widespread crashes of specific Windows systems, is a stark reminder of the delicate balance between security and operational stability.

Limitations of software-based security

Blue Screens of Death (BSOD) and system crashes following software updates are not unique to this incident. In a separate incident that same month, Microsoft users reported that their computers were crashing every 30 minutes following a security update.

These incidents raise important questions about the architecture of security solutions and the potential benefits of diversifying cybersecurity strategies. While software-based security remains important for detecting known threats, the need for integration and complex layering of software systems creates a labyrinth of potential challenges. The interdependency that is characteristic of the software ecosystem means that countless entry points and vulnerabilities become interlinked, allowing multiple points of disruption and long recovery times.

The promise of intelligent hardware-based security solutions

Running counter to such issues, hardware-based security solutions have unique benefits. From the silicon level, they operate independently from the software layer and can provide an additional line of defence without interfering with core system processes. This independence is particularly useful in instances where software vulnerabilities or update issues might compromise the integrity of the security system itself.

Just as an external auditor reviews a business’s processes without disrupting or complicating its operations, ideal security solutions should integrate seamlessly to maintain the functionality and workflow of existing systems while providing robust protection.

Moreover, integrating Artificial Intelligence (AI) into hardware-based security solutions presents exciting possibilities for addressing one of the most significant challenges in cybersecurity: zero-day attacks. Unlike traditional software solutions that rely on known threat databases, AI-powered hardware security operating at the hardware layer does its work in an engineered enclave environment. This gives it the potential to identify and respond to new and unknown threats in real-time without the need for constant human updates.

Encouragingly, the concept of non-disruptive security measures is gaining traction in the cybersecurity community which has long relied on software solutions as its main line of defence — but it needs to move faster.

Digital transformation and cybersecurity challenges

The need for robust and adaptable cybersecurity measures is particularly dire in regions experiencing rapid digital transformation, such as the Asia-Pacific (APAC). According to IDC, Asia-Pacific is leading the charge in digital transformation spending growth, with an expected 18.9 per cent increase in 2024, outpacing North America (15.7 per cent), Europe (13.6 per cent), and Latin America (11.3 per cent).

This accelerated pace of digital adoption in Asia-Pacific presents both opportunities and challenges. As organizations in the region embrace new technologies at a faster rate than their global counterparts, ensuring the security and stability of these systems becomes increasingly critical and complex.

The rapid digital transformation in Asia-Pacific also correlates with higher cybersecurity risks. In 2023, the World Economic Forum reported that the average number of cyber attacks per organisation in the APAC region is approximately 47.04 per cent higher than the global average. This higher incident rate shows the urgent need for more advanced cybersecurity measures in the region as it continues to lead in digital transformation.

This reality highlights the need for a more holistic approach that combines the strengths of both hardware-based and software solutions. As we move forward, it’s clear that the future of cybersecurity lies in this balanced hardware-software approach.

A call for a holistic approach

The CrowdStrike outage should be a wake-up call for organisations worldwide. It shows the urgent need for diverse security strategies and innovative solutions that can operate independently of core system processes. Organisations can build more resilient systems capable of withstanding future cybersecurity challenges by adopting a holistic approach that combines the strengths of software and hardware-based security measures. Integrating AI-powered hardware security into existing cybersecurity is how we get the robust, adaptive, and non-disruptive security that we all need.

Explore our solutions or speak with our experts today to learn more about our suite of hardware-based security solutions.

This article was originally published on e27.co.

We are honoured to be recognized alongside some of the most critical innovations shaping the cybersecurity industry today. As SC Magazine highlighted, this year’s RSAC is centered around tackling the pressing challenges of Agentic AI, identity shifts, and increasing policy turbulence – issues that demand new approaches and bold solutions.

At X-PHY, we believe that security must start from the core, building upwards for a holistic defence. Traditional cybersecurity models have too often relied solely on external, reactive measures. 

Our philosophy is different: by embedding proactive, AI-powered defense directly into the hardware and firmware layers, we remove the biggest weaknesses exploited by today’s cybercriminals – human error and delayed response.

Our Deepfake Detector is a direct answer to one of the fastest-growing threats in the digital landscape: synthetic media manipulation. Powered by our an powerful ensemble of AI models and engineered for real-time, offline operation, the X-PHY Deepfake Detector empowers organizations to verify authenticity, protect reputations, and maintain trust in an era where seeing is no longer believing.

We’re excited to share more at RSA Conference 2025, Booth 5368 in the North Expo. But for now, read the full article here: https://www.scworld.com/news/rsac-2025-preview-industry-tackles-agentic-ai-identity-shifts-and-cyber-policy-turbulence

Join us on this journey toward a safer, more resilient digital future!

See what other media platforms are saying about the X-PHY Deepfake Detector:

1. Security Week: https://www.securityweek.com/rsa-conference-2025-pre-event-announcements-summary-part-1/
2. Cyber Defense Magazine: https://cyberdefensewire.com/x-phy-inc-unveils-real-time-deepfake-detection-tool-ahead-of-rsa-conference-2025/
3. All Time Cybersecurity: https://www.alltimecybersecurity.com/2025/04/25/rsa-conference-2025/
4. SecurityBrief: https://securitybrief.news/story/x-phy-unveils-real-time-on-device-deepfake-detection-tool
5. Tech Zeitgeist: https://www.techzeitgeist.de/deepfakes-stoppen-bevor-sie-starten-x-phys-edge-ki-verriegelt-ihre-realitaet/

Autonomous transportation is no longer a vision of the distant future. It is here, transforming the way we move people and goods. From self-driving cars cruising down city streets to doorstep deliveries and even life-saving medical equipment via drones, autonomous systems are becoming integral to industries and daily life. 

They promise efficiency, innovation, and accessibility. However, as they become more prevalent, the pressing question remains: How do we secure these technologies from cyber threats that could undermine their immense potential?

The reliance of autonomous systems on advanced software, artificial intelligence, and interconnected networks makes them particularly vulnerable to cyberattacks. These attacks could compromise not just operational integrity but also public safety and privacy. Securing autonomous transportation is therefore not just a technical challenge, it is a necessity.

The Expanding Reality of Autonomous Transportation

The combined market for autonomous vehicles across land, air, and sea can be valued at an estimated $62 billion USD in 2022, with rapid growth projected in the coming years. As industries embrace self-driving cars, drones, and unmanned vessels, autonomous technology is poised to revolutionize transportation and redefine how we move people and goods, cementing its place at the heart of our future.

On the road, self-driving vehicles are being developed for personal use, ride-sharing, and logistics. Companies like Uber are collaborating with artificial intelligence (AI) specialists such as Nvidia to leverage advancements in AI and computing power, aiming to enhance the efficiency and scalability of autonomous systems. These efforts highlight the vital role of robust AI capabilities in enabling the next generation of transportation solutions, alongside the critical need for securing these systems against evolving cyber threats.

In the skies, drones are revolutionizing delivery services, while autonomous aerial vehicles are on the horizon for passenger transport. Companies like Zipline are leading the charge, having completed over 1.3 million commercial deliveries in the US alone, primarily for medical supplies and consumer goods demonstrating how autonomous drones are transforming logistics with unparalleled speed and efficiency. Meanwhile, autonomous aerial vehicles for passenger transport are on the horizon, hinting at an even broader future for autonomous technologies in the air.

At sea, autonomous ships are beginning to navigate global waterways, promising increased efficiency in cargo transport and lower emissions. The Yara Birkeland, a fully electric and autonomous container ship in Norway, is already reducing emissions while demonstrating the potential of crewless maritime logistics. 

While each type of autonomous system operates in its own unique environment, they all share a common reliance on connectivity, AI, and automation. These features, while enabling their functionality, also introduce vulnerabilities that hackers could exploit.

The Cybersecurity Challenges Facing Autonomous Systems

The opportunities in common that they bring also come with common vulnerabilities, and these can be exploited across land, air, and sea.

Software vulnerabilities are a universal challenge. From malware injection to exploiting unpatched systems, attackers can compromise the very algorithms that drive autonomy, taking control or shutting down operations entirely. This threat is amplified by the interconnected nature of these systems, where a single breach could cascade across multiple vehicles or domains. 

Another critical threat is GPS spoofing, where attackers feed false signals to disrupt navigation. This can misdirect self-driving cars, drones, or ships, potentially causing accidents, delays, or loss of valuable cargo. Sensor tampering is another shared vulnerability, as autonomous systems rely on cameras, LiDAR, radar, and other sensors to interpret their surroundings. A compromised sensor could provide inaccurate data, leading to operational errors or collisions.

Communication networks, such as Vehicle-to-Everything (V2X) or equivalent systems in other domains, are also prime targets for attackers. Spoofing, interception, or denial-of-service (DoS) attacks on these networks could disrupt coordination between vehicles and infrastructure, causing chaos and safety risks.

Additionally, all autonomous systems generate and store sensitive data, such as location histories, user preferences, and operational logs. If this data is accessed or stolen, it could lead to privacy violations, espionage, or even physical harm if attackers exploit it for targeted attacks.

It goes without saying that if these concerns remain unaddressed, it will continue to be a major challenge to build consumer trust and confidence in these systems.

Lessons from Recent Incidents

The urgency of addressing these cybersecurity challenges is underscored by real-world incidents. 

In 2015, security researchers demonstrated the ability to remotely access and control various functions of a Tesla Model S, including the infotainment system, by exploiting software vulnerabilities. Tesla quickly addressed these issues with over-the-air (OTA) updates, but the incident highlighted the potential dangers of compromised software in connected vehicles.

GPS spoofing, a significant threat to autonomous systems, has been highlighted in several alarming cases. In 2019, Regulus Cyber successfully conducted a test on a Tesla Model 3, deceiving its navigation system through GPS spoofing. This caused the vehicle to exit a highway unexpectedly, showcasing the risks of over-the-air attacks on navigation systems. More recently, in 2024, reports of GPS spoofing incidents affecting commercial airliners have emerged, particularly in conflict zones. These attacks led to navigation systems displaying incorrect positions, posing significant risks to aviation safety. The implications are even more severe when considering unmanned vehicles, where human intervention is absent to correct the course.

These incidents make it clear that autonomous transportation systems must be designed with security as a foundational principle, not an afterthought. As reliance on autonomy grows, addressing these vulnerabilities is not just critical for the success of the technology but also for public safety and trust.

Building a Secure Future for Autonomous Transportation

Securing autonomous transportation requires a multi-faceted approach that addresses its unique risks. Communication protocols, such as V2X and drone-to-controller links, must minimally be fortified with encryption and authentication to prevent unauthorized access. AI systems used in autonomous vehicles and drones must be made resilient against adversarial attacks, such as manipulated traffic signs or false data inputs designed to mislead decision-making.

While software security plays a crucial role in protecting autonomous systems, it must be complemented by hardware-based security measures to offer comprehensive protection. Hardware security is uniquely positioned to detect and stop malicious actors attempting to access data in real time, addressing threats at the physical layer where critical data is generated and processed. For instance, embedded sensors in hardware can identify attempts to access or tamper with sensitive data and immediately lock down the system to prevent theft or corruption.

One of the most significant advantages of hardware security is its independence from interconnected systems. Unlike software, which often relies on a network of applications and updates, hardware can operate independently. This independence makes it far less susceptible to the cascading vulnerabilities that plague interconnected software systems, such as malware spreading through shared networks or dependencies on compromised third-party applications. Hardware’s self-contained nature ensures it can continue functioning and safeguarding critical data even when other layers of security are breached.

To build a robust future for autonomous transportation, redundancy and fail-safes must also be built into critical systems to ensure functionality during a breach. In the event of a vehicle hack – such as an attacker gaining remote control of a car’s steering, brakes, or acceleration – hardware security can act as the last line of defence. Its ability to operate autonomously and proactively ensures that the system can detect unauthorized actions in real time, isolate the compromised components, and prevent malicious commands from causing harm.

For instance, in a scenario where navigation systems are hijacked or critical driving functions are manipulated, hardware-level monitoring can trigger a lockdown or revert the vehicle to a safe mode, overriding malicious inputs. This capability is particularly vital in high-stakes environments, such as urban areas or highways, where a compromised vehicle could endanger not only its passengers but also other road users.

Looking Ahead to a Bright and Secure Future

The future of autonomous transportation is bright, but its success hinges on public trust and safety. As these technologies become more prevalent, the industry must prioritize cybersecurity at every stage – from design and manufacturing to deployment and ongoing operation. A critical part of this effort is ensuring that hardware and software security work together seamlessly, creating a multi-layered defence against evolving threats.

Emerging innovations, such as edge computing to reduce reliance on centralized systems, further enhance this collaboration. By processing data closer to the source, edge computing minimizes latency and the risks associated with transferring sensitive information over potentially vulnerable networks. This decentralized approach aligns well with the strengths of hardware security, which operates independently and can safeguard data at its point of origin.

Ultimately, the journey toward secure autonomous transportation requires continuous vigilance, innovation, and collaboration. By addressing cybersecurity challenges head-on, we can unlock the full potential of these technologies while safeguarding the people and systems they serve.

This article was published on e27: https://e27.co/autonomy-vs-anarchy-how-do-we-secure-the-future-of-autonomous-transportation-20250120/

To learn more about how our solutions can support your cybersecurity strategy, drop us a message at info@x-phy.com and we’ll get right back to you!

Gartner predicts that only 10% of large organizations will achieve a mature and comprehensive Zero Trust system by 2026. Why such disparity? The human factor.

The Human Factor: A Fundamental Vulnerability

Traditional Zero Trust approaches depend heavily on human configuration and oversight. While well-trained and resourceful, humans are also fallible. Fatigue, stress, and cognitive overload lead to errors—opening gaps that cybercriminals exploit.

This challenge can be likened to air traffic control, a system where human controllers coordinate thousands of flights daily to ensure safety. Despite their expertise, errors occur due to the inherent limitations of human operators. Cybersecurity faces the same issue: even with the best-trained professionals, reliance on human judgment creates vulnerabilities.

By embedding cybersecurity at the hardware level and incorporating AI, we achieve something akin to an autonomous flight system. This hardware-AI combination proactively detects and neutralizes threats in real-time, without needing humans to intervene at every step. Just as autonomous flight reduces the likelihood of accidents, hardware-embedded security reduces vulnerabilities introduced by human error.

Rethinking Zero Trust: A Hardware-Driven Paradigm

For Zero Trust to live up to its promise, it requires a fundamental shift from human-dependent configurations to hardware-embedded, AI-driven systems. By embedding security into the hardware layer and leveraging AI for automated policy enforcement, organizations can achieve:

1. Proactive Threat Detection: AI-driven systems can autonomously monitor and respond to anomalies in real-time.
2. Consistent Enforcement: Unlike human operators, AI works tirelessly and without bias, ensuring a dependable security posture.
3. Elimination of Human Error: Hardware-embedded solutions operate in isolated, controlled environments, minimizing the variables and vulnerabilities introduced by humans.

The X-PHY® Solution: Turning Theory Into Practice

At Flexxon, we’ve led the charge with this hardware-first approach with our flagship X-PHY® AI-embedded SSD. Operating at the physical layer, it proactively monitors read-write activities, detects threats in real-time, and autonomously neutralizes them—without requiring constant updates or human intervention.

This approach reduces the disparity highlighted by Gartner, as it removes reliance on human oversight and ensures Zero Trust principles are applied consistently.

Don’t Ditch Zero Trust, Just Do It Smarter

While Zero Trust remains a powerful framework, its potential can only be fully realized by addressing its foundational weaknesses. The shift to hardware-embedded, AI-driven security is the future of cybersecurity.

By reducing the reliance on human intervention, organizations can truly embody the principles of “never trust, always verify.”

Read more from our CEO Camellia Chan on BetaNews: Why Zero Trust Can’t Be Fully Trusted.

It’s essential for companies that leverage digital tools to establish a well-rounded, robust strategy for combating insider threats, with the primary goal, whenever possible, of preventing them altogether. Below, members of Forbes Technology Council share expert tips to help organizations across industries address (or better yet, avoid) insider threats.

Our CEO Camellia Chan contributed her expertise to this article, sharing, “A smart strategy is leveraging AI-driven analytics, embedded at the hardware level, for continuous monitoring. This approach detects unusual activity in real time, whether from intentional or accidental actions. This approach is crucial because hardware-level security offers a deeper layer of protection, identifying threats before data is compromised.”

Read the full article to hear what other cybersecurity experts had to say: https://www.forbes.com/councils/forbestechcouncil/2024/10/24/insider-threats-expert-ways-to-address-and-avoid-them/

Explore our solutions or speak with our experts today to learn more about our suite of hardware-based security solutions.

This article was originally published on Forbes, as a part of the Forbes Technology Council.