The IETF has standardized network mobility (NEMO) basic support protocol (BSP) to extend Internet services to networks in motion such as in bus, trains etc. The NEMO BSP uses a bidirectional tunnel between the mobile router (MR) and its home agent (HA) resulting in suboptimal routing. Route optimization may be incorporated between the MR and the correspondent node (CN), by informing the HA and the CN about the MR’s current location through binding updates. However, these binding updates are vulnerable to different attacks as malicious users may send fabricated binding updates to fool the MR, the HA, and the CN. Although the path between the MR and the HA is protected by IPSec tunnel, the path between the MR and CN, between the HA and CN, and between a mobile network node and the MR remains unprotected. So the requirements of extending Internet services in NEMO and use of optimized route between the MR and the CN have introduced several security threats in NEMO. In this survey, we describe security requirements, issues, and attacks with their corresponding countermeasures in NEMO. Major attacks in NEMO include bombing attack, redirection attack, denial of service attack, man-in-the-middle attack, replay attack, home agent poisoning attack etc. These attacks can affect the integrity and privacy of data. This survey also provides an in-depth and categorized description of various security protocols and key management techniques which are specifically targeted for NEMO. Along the way we highlight the advantages and disadvantages of existing NEMO security protocols, evaluate them, and discuss open research issues.