CYBERSECURITY IN IOT SYSTEMS FOR THE TRANSPORTATION SECTOR: THREATS, ATTACKS, AND PROTECTION STRATEGIES

Yıl 2025, Sayı: 2, 14 - 33, 29.06.2025

Yunus Emre Seyyar

Öz

The transportation sector represents a critical infrastructural element within the global economy and has experienced a significant paradigm shift in recent years, predominantly catalyzed by the rapid advancement of digital technologies. This transformation is most pronounced in the extensive integration of Internet of Things (IoT) technologies, which have substantively augmented the operational efficiency, safety standards, and environmental sustainability of transportation systems. Key applications of IoT, ranging from advanced traffic management systems and electric vehicle charging networks to the deployment of autonomous vehicles and smart passenger transportation solutions, are fundamentally redefining the operational dynamics of the sector. However, the rapid expansion of IoT-based infrastructure has concurrently introduced a wide array of cybersecurity vulnerabilities, rendering the sector increasingly susceptible to cyberattacks. These threats pose substantial economic, operational, and safety-related risks. This paper provides a systematic analysis of cyberattacks targeting Internet of Things (IoT) devices in the transportation sector. It assesses the operational and security-related implications of such threats and proposes a set of integrated cybersecurity strategies and policy-level recommendations aimed at enhancing the resilience of transportation infrastructures against these evolving attack threats.

Anahtar Kelimeler

Transportation Sector , Cybersecurity , Internet of Things , Artificial Intelligence , Cyberattacks

ULAŞIM SEKTÖRÜNDE IOT SİSTEMLERİ VE SİBER GÜVENLİK: TEHDİTLER, SALDIRILAR VE KORUNMA YÖNTEMLERİ

Öz

Ulaşım sektörü, küresel ekonominin kritik altyapı unsurlarından birini temsil etmekte olup son yıllarda dijital teknolojilerin hızlı gelişimiyle birlikte önemli bir paradigma değişimi yaşamaktadır. Bu dönüşüm özellikle Nesnelerin İnterneti (IoT) teknolojilerinin yaygın entegrasyonu ile belirginleşmiş; bu teknolojiler, ulaşım sistemlerinin operasyonel verimliliğini, güvenlik standartlarını ve çevresel sürdürülebilirliğini önemli ölçüde artırmıştır. Gelişmiş trafik yönetim sistemlerinden elektrikli araç şarj ağlarına, otonom araçların kullanımından akıllı yolcu taşıma çözümlerine kadar uzanan IoT uygulamaları, sektörün işleyiş dinamiklerini köklü bir şekilde yeniden tanımlamaktadır. Ancak IoT tabanlı altyapının hızla yaygınlaşması, beraberinde çok sayıda siber güvenlik açığını da getirmiş ve sektörü siber saldırılara karşı giderek daha savunmasız hâle getirmiştir. Bu tehditler ekonomik, operasyonel ve güvenlik açısından ciddi riskler oluşturmaktadır. Bu çalışma ulaşım sektöründe Nesnelerin İnterneti (IoT) cihazlarını hedef alan siber saldırıların sistematik bir analizini sunmakta; bu tehditlerin operasyonel ve güvenlik odaklı etkilerini değerlendirmekte ve ulaşım altyapılarının bu evrilen saldırı tehditlerine karşı dayanıklılığını artırmaya yönelik entegre siber güvenlik stratejileri ile politika düzeyinde öneriler ortaya koymaktadır.

Anahtar Kelimeler

Ulaştırma Sektörü , Siber Güvenlik , Nesnelerin İnterneti , Yapay Zekâ , Siber Saldırılar

Kaynakça

• Al-badawi, H. (2024). Cyber Security Challenges in the Transportation Industry – A Comprehensive Analysis and Recommendations. 11(2), 16–41. https://doi. org/10.12792/JMTI.11.2.16
• Al-Zahrani, A. (2022). Assessing and Proposing Countermeasures for Cyber-Security Attacks. International Journal of Advanced Computer Science and Applications, 13(1), 885–895. https://doi.org/10.14569/IJACSA.2022.01301102
• Antonio, J., Franco, D. P., & Pires, F. (2025). Cyber Attacks against Critical Infrastructures Analysis of Methods , SCADA Exploitation and Real Cases. 1–12.
• Eleimat, M., & Őszi, A. (2025). Cybersecurity in Aviation: Exploring the Significance, Applications, and Challenges of Cybersecurity in the Aviation Sector. https://doi. org/10.3311/PPtr.37153
• Fenton, A. J. (2024). Preventing Catastrophic Cyber–Physical Attacks on the Global Maritime Transportation System: A Case Study of Hybrid Maritime Security in the Straits of Malacca and Singapore. Journal of Marine Science and Engineering, 12(3). https://doi.org/10.3390/jmse12030510
• Gawazah, L. (2024). To Pay or Not to Pay- The US Colonial Pipeline Ransomware Attack. Researchgate, August. https://www.researchgate.net/publication/383206534_To_ Pay_or_Not_to_Pay-_The_US_Colonial_Pipeline_Ransomware_Attack
• Gupta, K., Panigrahi, B. K., Joshi, A., & Paul, K. (2024). Demonstration of denial of charging attack on electric vehicle charging infrastructure and its consequences. International Journal of Critical Infrastructure Protection, 46(February), 100693. https://doi.org/10.1016/j.ijcip.2024.100693
• Illiashenko, O., Kharchenko, V., Babeshko, I., Fesenko, H., & Di Giandomenico, F. (2023). Security-Informed Safety Analysis of Autonomous Transport Systems Considering AI-Powered Cyberattacks and Protection. Entropy, 25(8), 1–35. https:// doi.org/10.3390/e25081123
• Ishii, D. (2025). Comparative Analysis of Major Cybersecurity Incidents : Major Cybersecurity Incidents in 2018. February, 0–7. https://doi.org/10.13140/ RG.2.2.18254.78407
• Junction, W. R., & Arbor, A. (2000). Developing a Culture of. 21(1), 270–276.
• Khan, I. U., Ouaissa, M., Ouaissa, M., Houda, Z. A. El, & Ijaz, M. F. (2024). Cyber Security for Next-Generation Computing Technologies. In Cyber Security for Next-Generation Computing Technologies. https://doi.org/10.1201/9781003404361
• Korpimäki, S. (2023). Cybersecurity and Risk Management in Implementing Future Railway Mobile Communications System.
• Macit, A. (2024). Ulaştırma Modlarının Geleceği : Yapay Zekânın Akıllı Ulaşım Sistemlerine Entegrasyonu The Future of Transportation Modes : Integration of Artificial Intelligence into Intelligent Transportation Systems. 0–2.
• Neutze J., N. J. P. (2013). Cyber Insecurity: Competition, Conflict, and Innovation Demand Effective Cybre Security Norms. Georgetown Journal of International Affairs, May 2025, 3–15.
• Noah, A., Moon, L., & John, A. (2024). The Consequences of Non-Compliance with Data Protection Regulations on Business Analytics Authors. December.
• Ntafloukas, K., Pasquale, L., Martinez-Pastor, B., & McCrum, D. P. (2023). A Vulnerability Assessment Approach for Transportation Networks Subjected to Cyber–Physical Attacks. Future Internet, 15(3). https://doi.org/10.3390/fi15030100
• Okero, E. K. (2024). Qualitative Study on Cyber Security Attacks Affecting the Civil Aviation Industry.
• Önder, H., & Akdemir, F. (2020). Digital Dimension of Urban Transportation: Transportation 4.0. Akıllı Ulaşım Sistemleri ve Uygulamaları Dergisi, 3(2), 202–215.
• Pochmara, J., & Świetlicka, A. (2024). Cybersecurity of Industrial Systems—A 2023 Report. Electronics (Switzerland), 13(7). https://doi.org/10.3390/electronics13071191
• Shahid, M. A., & Safyan, M. (2025). MALWARE ANALYSIS AND DETECTION FOR MICROSOFT TECHNOLOGIES. 1(1), 57–69.
• Tandan, B., Vajpayee, P., & Hossain, G. (2025). Explaining Cyber Risks in Transportaion 5.0: A Data Driven Approach. 2025 IEEE 4th International Conference on AI in Cybersecurity, ICAIC 2025, February, 1–8. https://doi.org/10.1109/ICAIC63015.2025.10848812
• Thomas, O., & Tine, J. (2025). Cybersecurity in Transportation Systems : Policies and Technology Directions.
• Tonn, G., Kesan, J. P., Zhang, L., & Czajkowski, J. (2019). Cyber risk and insurance for transportation infrastructure. Transport Policy, 79(March), 103–114. https://doi. org/10.1016/j.tranpol.2019.04.019
• Zeddini, B., Maachaoui, M., & Inedjaren, Y. (2022). Security Threats in Intelligent Transportation Systems and Their Risk Levels. Risks, 10(5), 1–18. https://doi. org/10.3390/risks10050091
• Zhang, D., & Tan, P. (2021). Internet of Things and intelligent transportation system. Journal of Physics, 2066(1). https://doi.org/10.1088/1742-6596/2066/1/012066