Abstract
As a new area of technology, the Internet of Things (IoT) is a flagship and promising paradigm for innovating society. However, IoT-based critical infrastructures are an appealing target for cybercriminals. Such distinctive infrastructures are increasingly sensitive to cyber vulnerabilities and subject to many cyberattacks. Thus, protecting these infrastructures is a significant issue for organizations and nations. In this context, raising the cybersecurity posture of critical cyber infrastructures is an extremely urgent international issue. In addition, with the rapid development of adversarial techniques, current cyber threats have become more sophisticated, complicated, advanced and persistent. Thus, given these factors, prior to implementing efficient and resilient cybersecurity countermeasures, identification and in-depth mapping of cyber threats is an important step that is generally overlooked. Therefore, to solve cybersecurity challenges, this study presents a critical analysis of the most recent cybersecurity issues for IoT-based critical infrastructures. We then discuss potential cyber threats and cyber vulnerabilities and the main exploitation strategies adopted by cybercriminals. Further, we provide a taxonomy of cyberattacks that may affect critical cyber infrastructures. Finally, we present security requirements and some realistic recommendations to enhance cybersecurity solutions.
Highlights
Recent advances in new information and communication networks have led to a shift toward new emerged paradigms, such as smart grids [1], Internet of Things (IoT) [2], cloud computing [3], big data [4], and edge/fog computing [5,6]
It is imperative that cyber security approaches include self-healing and resilience as security requirements. These fundamental properties enhance protection against 0-day attacks that cannot be detected by traditional security solution that can be infected like SolarWinds
An IoTbased critical cyber infrastructure is vulnerable to a range of significant cyber threats and malicious activities that could be the basis for the generation of new types of massive cyberattacks that could cause significant consequences such as financial losses, welfare losses and loss of life
Summary
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. Sci. 2021, 11, 4580 to the internet, the integration of IoT and complex devices to modernize ICSs, smart grids, and smart health has opened up new security breaches In this regard, intruders try to exploit the vulnerabilities of connected objects in order to penetrate into infrastructure and carry out harmful cyberattacks. Despite the dysfunctions that cyberattacks can generate within critical cyber infrastructure, it results the following risks: sensitive data theft, vital operations functioning disruption, critical services and resources unavailability, sessions hijacking, data alteration and deletion, industrial/medical equipment failures and destruction. We conclude the paper and suggest some future developments in the last section
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
