Cyberattacks in the freight industry are no longer what they used to be. Today’s threats are faster, smarter and more scalable. Generative AI makes it easier for bad actors to automate attacks, craft nearly perfect phishing emails and exploit weak points in systems that were once considered too obscure to be of interest. Fortunately, the same technology is also helping carriers, brokers and shippers fight back with powerful new defenses.
“Cyber is a team sport,” says Joe Ohr, Chief Operating Officer at the National Motor Freight and Traffic Association (NMFTA). “Whether you run five tractors or 50,000, you win only when everyone plays together.” Alongside Director of Cybersecurity Artie Crawford, Ohr is helping lead the charge to strengthen cybersecurity across over-the-road (OTR) shipping through education, research and AI-driven strategy.
The freight industry has become a consistent target for a new generation of cyberattacks that are faster and more sophisticated than ever before. These threats include ransomware-as-a-service (RaaS), which gives virtually anyone the tools to launch an attack, as well as highly convincing business email compromise (BEC) scams and large-scale automated data scraping campaigns. Many of these tactics are enhanced by artificial intelligence, which allows attackers to work at a scale and speed that traditional defenses struggle to match.
Artie Crawford, Director of Cybersecurity at the NMFTA, describes this modern approach as a “shotgun-style” attack. Instead of selecting a specific target, cybercriminals cast a wide net across hundreds or even thousands of organizations. Once they identify a weak spot -- often through a phishing email, misconfigured system, or vulnerable device -- they begin digging deeper. Their goal is to access valuable data, such as employee records, fleet credentials, financial information, or anything that can be exploited or sold. In some cases, attackers even target in-cab driver systems or shop equipment to compromise additional devices or disrupt daily operations.
The freight industry’s vulnerability is compounded by uneven adoption of cybersecurity practices. Many fleets continue to believe they are too small to be worth targeting or assume their outdated systems somehow make them invisible to cybercriminals. This creates a dangerous false sense of security. In truth, smaller companies often lack formal IT departments, have limited security training, and operate with minimal system monitoring. These gaps make them an ideal target, not because of the value of their freight, but because they are easier to breach.
Legacy systems also create serious risks. Devices like older shop laptops, diagnostic tools, or trailer sensors frequently run on outdated operating systems that no longer receive security patches. These devices are often connected directly to internal networks without proper segmentation or monitoring. As a result, a single compromised endpoint can become the entry point for a much larger attack.
Crawford stresses that companies need to stop thinking of cybersecurity as a concern only for large fleets. Risk is not determined by company size but by how well systems and people are protected. The rise of connected freight technology has blurred the lines between IT, operations and infrastructure. Even basic tools -- like ELDs, mobile dispatch apps, and Wi-Fi-connected routers -- can become attack surfaces if left unsecured.
The takeaway is clear. Every organization, regardless of size, needs to take cybersecurity seriously. In today’s environment, any device that sends or receives data is a potential target, and every team member -- from IT to drivers -- needs to be part of the defense.
AI is not just fueling cyberattacks, it is also powering some of the most advanced defenses available to the freight industry. With the ability to analyze massive amounts of data and detect unusual activity in real time, AI gives companies the tools to spot threats faster and respond before they escalate. However, its value depends on how it is applied. Below are several ways AI can strengthen cybersecurity in freight operations:
The key takeaway is that AI can dramatically improve cybersecurity readiness, but it should not operate in a vacuum. To be truly effective, AI must be integrated into a broader framework that includes human oversight, training and strong organizational policies. When every user and endpoint is part of the solution, freight companies can build a more secure and resilient operation.
While AI brings powerful capabilities to freight cybersecurity, it also introduces new and evolving risks. The same technology that helps detect threats can be used to launch them faster, smarter and at a much larger scale. To use AI effectively, freight and logistics companies need to understand where it can fall short, and how to build safeguards that turn risk into resilience. Below are some of the most pressing AI-related cybersecurity threats and how to address them head-on.
AI should be part of your cybersecurity strategy—but not your entire strategy. Use it to enhance visibility and response time, but always combine it with human oversight, clear protocols and a strong culture of security awareness.
As digital transformation continues, more freight companies are connecting through APIs to brokers, TMS systems and data tools. This creates efficiency but also introduces new risks. Old APIs are often left active and unmonitored, providing a potential path for attackers. Ohr stresses the importance of retiring outdated integrations, enforcing authentication standards and monitoring traffic patterns for signs of trouble.
Carriers also need to vet vendors more thoroughly. “During the RFP process, cybersecurity needs to be a top priority,” Ohr advises. “Your vendors are your partners, especially during a cyber event.” A strong vendor relationship includes transparency, rapid response plans and ongoing collaboration around system security.
The freight industry can also turn AI into a defensive asset. AI-powered email filters, for instance, can analyze writing patterns to detect messages that look machine-generated. Systems can also flag emails from senders who don’t normally communicate with the recipient, prompting an extra layer of review.
AI is also being used to simulate deepfake attacks, like phone calls that sound like executives asking for urgent action. These simulations can help train employees to spot and report suspicious behavior. The more familiar your team becomes with real-world attack methods, the more prepared they’ll be to respond.
Crawford recommends starting with vendor conversations. Ask what security measures are in place, how AI is used and what the company’s response plan is in the event of a breach. Just as important, involve your entire organization in cybersecurity awareness, not just the IT department. NMFTA offers a range of free tools and educational resources, including the Road to Resilience framework, at www.nmfta.org/cyber.
Cybersecurity is no longer a tech-side concern. It’s a business-critical issue for the entire supply chain. As AI reshapes both threats and defenses, the companies that succeed will be the ones who make security a shared responsibility.
“AI is not the solution for everything,” says Ohr. “Take it slow. Do your research. But most importantly, make cybersecurity a core part of your company culture -- just like safety.”
With the right mindset, partners and technology, the freight industry can move forward with confidence, and stay one step ahead of whatever comes next.
Ohr and Crawford both emphasize that cybersecurity must become part of company culture. “Cyber has to become part of your company’s DNA,” says Ohr. “It’s got to be like safety -- something everyone owns.” In the past, cybersecurity was often viewed as the IT department’s responsibility. Today, it has to include everyone -- from drivers to maintenance teams and leadership.
Banyan Technology recently launched a six-part AI mini-series on its Tire Tracks® podcast. The series explores how AI is redefining every stage of freight procurement, from forecasting and load execution to cybersecurity and beyond.
Each episode brings a fresh perspective from industry and technology leaders working at the cutting edge of AI in logistics. Whether you are just starting to explore AI or looking to scale your existing strategy, the series offers practical insights, real-world use cases and future-forward thinking you can act on today.
Click here to watch episode 3 of our Impact of AI on Freight Procurement mini-series.
Stay tuned for upcoming episodes covering predictive analytics, risk management, fraud detection, data security and how AI is transforming shipper and 3PL operations across the supply chain.