
IoT systems face threats from diverse actors, each with unique motivations. Cybercriminals seek financial gain, nation-states pursue geopolitical advantages, hacktivists promote agendas, and insiders pose risks from within organizations. Understanding these actors is crucial for effective IoT security.

IoT devices present numerous attack surfaces, including insecure firmware, weak network protocols, and inadequate authentication. Real-world breaches like the Mirai botnet and Verkada camera hack highlight the need for robust security measures, secure development practices, and comprehensive risk mitigation strategies in IoT ecosystems.

IoT Threat Actors and Motivations

Threat actors in IoT systems

  • Cybercriminals motivated by financial gain through tactics such as:
    • Deploying ransomware to extort money from victims
    • Stealing sensitive data (credit card numbers) to sell on the dark web
    • Hijacking IoT devices to create botnets (Mirai) for launching DDoS attacks
  • Nation-state actors driven by objectives like:
    • Conducting espionage and gathering intelligence on foreign governments
    • Sabotaging critical infrastructure (power grids) to disrupt adversaries
    • Gaining strategic advantages in geopolitical conflicts
  • Hacktivists seeking to:
    • Promote political or social agendas (anti-globalization)
    • Expose perceived wrongdoings or injustices committed by organizations
    • Damage the reputation of targeted entities through cyber attacks (defacement)
  • Insider threats posing risks through:
    • Disgruntled employees seeking revenge against their employer (data leaks)
    • Negligent employees unintentionally causing security breaches (weak passwords)
    • Malicious insiders stealing sensitive data for personal gain (industrial espionage)

IoT Attack Surfaces, Vulnerabilities, and Real-World Breaches

Attack surfaces of IoT devices

  • Insecure device firmware and software leading to:
    • Unpatched vulnerabilities that can be exploited by attackers (buffer overflow)
    • Weak or default passwords allowing unauthorized access (admin/admin)
    • Lack of encryption exposing sensitive data (plaintext transmission)
  • Unsecured network protocols resulting in:
    • Unencrypted data transmission susceptible to interception (man-in-the-middle attacks)
    • Insecure Wi-Fi networks enabling attackers to gain access (WEP)
    • Vulnerable Bluetooth connections allowing unauthorized pairing
  • Inadequate authentication and authorization mechanisms leading to:
    • Weak user credentials that can be easily guessed or brute-forced (password123)
    • Lack of multi-factor authentication enabling account takeovers
    • Insufficient access controls allowing unauthorized actions (privilege escalation)
  • Physical security weaknesses such as:
    • Tamper-prone device enclosures that can be opened to access internal components (screwdriver)
    • Exposed ports and interfaces facilitating unauthorized connections (USB)
    • Lack of physical access controls enabling device tampering (unlocked doors)

Real-world IoT security breaches

  • Mirai botnet attack (2016) which:
    • Exploited default passwords in IoT devices (DVRs, cameras)
    • Created a massive botnet for launching DDoS attacks (1 Tbps)
    • Disrupted major internet services and websites (Twitter, Netflix)
  • Verkada camera breach (2021) where:
    • Hackers accessed live feeds of 150,000 surveillance cameras
    • Exposed sensitive footage from hospitals, schools, and businesses
    • Highlighted the risks associated with cloud-connected IoT devices
  • ThroughTek Kalay platform vulnerability (2021) involving:
    • A flaw in an IoT device management platform used by millions of devices
    • Unauthorized access to video feeds and device controls (pan, tilt, zoom)
    • Impacts on baby monitors, smart home devices, and security cameras

Strategies for IoT risk mitigation

  1. Implement robust device and network security measures by:
    • Regularly updating firmware and software to patch known vulnerabilities
    • Enforcing strong, unique passwords for all IoT devices (12+ characters)
    • Encrypting data at rest and in transit using secure protocols (AES)
  2. Adopt secure development practices such as:
    • Adhering to security by design principles throughout the development lifecycle
    • Conducting thorough testing and vulnerability assessments (penetration testing)
    • Following secure coding practices and performing code reviews
  3. Establish comprehensive security policies and procedures including:
    • Performing regular security audits and risk assessments
    • Developing incident response and recovery plans to minimize impact (playbooks)
    • Providing employee training and awareness programs on IoT security best practices
  4. Leverage advanced security technologies like:
    • Implementing network segmentation and firewalls to isolate IoT devices
    • Deploying intrusion detection and prevention systems to monitor threats
    • Utilizing security information and event management tools for centralized logging and analysis (Splunk)
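
As an added example (not part of the original guide), the sketch below audits a device inventory against several of the weaknesses listed above: default credentials, passwords under 12 characters, password reuse across devices, plaintext protocols, and outdated firmware. The inventory, field names, default-credential list, and protocol list are all constructed assumptions; only the 12-character minimum comes from the guide.

```python
"""Audit a constructed IoT device inventory against the guide's checks."""
from collections import Counter

# Assumed policy values: the 12-character minimum comes from the guide;
# the default-credential and plaintext-protocol lists are illustrative.
MIN_PASSWORD_LENGTH = 12
DEFAULT_CREDENTIALS = {("admin", "admin"), ("root", "root"), ("admin", "password123")}
PLAINTEXT_PROTOCOLS = {"telnet", "http", "ftp", "mqtt"}

# Constructed sample inventory (not real devices). In practice the
# credentials would come from a secrets vault export, never a flat file.
INVENTORY = [
    {"name": "dvr-lobby", "user": "admin", "password": "admin",
     "protocol": "telnet", "firmware_current": False},
    {"name": "cam-dock", "user": "ops", "password": "Sh4red-Camera-Pass",
     "protocol": "https", "firmware_current": True},
    {"name": "cam-gate", "user": "ops", "password": "Sh4red-Camera-Pass",
     "protocol": "https", "firmware_current": True},
    {"name": "sensor-hvac", "user": "svc", "password": "k7#Vq9!mTz2$Lw",
     "protocol": "mqtts", "firmware_current": True},
]


def audit(inventory):
    """Return {device name: sorted list of findings}; empty list means clean."""
    reuse = Counter(d["password"] for d in inventory)
    report = {}
    for d in inventory:
        findings = []
        if (d["user"], d["password"]) in DEFAULT_CREDENTIALS:
            findings.append("default-credentials")
        if len(d["password"]) < MIN_PASSWORD_LENGTH:
            findings.append("short-password")
        if reuse[d["password"]] > 1:
            findings.append("reused-password")  # violates "unique passwords"
        if d["protocol"].lower() in PLAINTEXT_PROTOCOLS:
            findings.append("plaintext-protocol")
        if not d["firmware_current"]:
            findings.append("firmware-outdated")
        report[d["name"]] = sorted(findings)
    return report


if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

A password that passes the length check can still fail the uniqueness check, as the two cameras sharing one credential show.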
© 2024 Fiveable Inc. All rights reserved.
AP® and SAT® are trademarks registered by the College Board, which is not affiliated with, and does not endorse this website.