As a new area of technology, the Internet of Things (IoT) is a flagship and promising paradigm for innovating society. However, IoT-based critical infrastructures are an appealing target for cybercriminals. Such distinctive infrastructures are increasingly sensitive to cyber vulnerabilities and subject to many cyberattacks. Thus, protecting these infrastructures is a significant issue for organizations and nations. In this context, raising the cybersecurity posture of critical cyber infrastructures is an extremely urgent international issue. In addition, with the rapid development of adversarial techniques, current cyber threats have become more sophisticated, complicated, advanced and persistent. Thus, given these factors, prior to implementing efficient and resilient cybersecurity countermeasures, identification and in-depth mapping of cyber threats is an important step that is generally overlooked. Therefore, to solve cybersecurity challenges, this study presents a critical analysis of the most recent cybersecurity issues for IoT-based critical infrastructures. We then discuss potential cyber threats and cyber vulnerabilities and the main exploitation strategies adopted by cybercriminals. Further, we provide a taxonomy of cyberattacks that may affect critical cyber infrastructures. Finally, we present security requirements and some realistic recommendations to enhance cybersecurity solutions.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.