The security requirements of an Internet of Things (IoT) system are complex. They extend past the traditional information security requirements of confidentiality, integrity and availability. They also need to address authentication, authorization, freshness of data, nonrepudiation, and forward and backward secrecy.

Taking Stock of Today’s IoT Security Risks

With these security requirements in mind, let’s take a look at some key IoT security risks. IoT architecture is not yet standardized and various vendors have their own architectures. In general, however, an IoT architecture contains at least the following three layers: a sensor layer, a network layer and an application layer. Attacks can be broadly categorized as physical, network, software or encryption attacks.

Physical Attacks

Physical attacks target the hardware of an IoT system and include breaches at the sensor layer. They typically require physical proximity to the system but can also involve actions that limit the efficacy of IoT hardware.

Attackers can tamper with sensor nodes or devices in an IoT environment to gain control over them and use that control to extract materials, data and code. With malicious node injection, attackers physically deploy malicious nodes between legitimate nodes in an IoT network; in this form of man-in-the-middle (MitM) attack, the malicious nodes can then control operations and the data flowing between the linked nodes.

Injecting malicious code, for example by plugging a USB key into a device on the network, lets an attacker compromise a node and gain access to the wider IoT system.

Attackers can physically damage IoT devices to disrupt the availability of service. Also at risk are areas controlled by IoT systems or facilities that host them, such as data centers. Cybercriminals could also conduct distributed denial-of-service (DDoS) attacks through signal interference on radio-frequency identification (RFID) systems and radio frequency interference on wireless sensor networks.

Using social engineering, attackers can manipulate users of an IoT system to serve their own ends. They can also launch sleep deprivation attacks, which exploit the battery-drainage vulnerability of devices and sensors in an IoT system. Most devices have a sleep mode to extend battery life, but sleep deprivation attacks keep nodes awake to maximize their power consumption and ultimately shut them down.

Network Attacks

Network attacks target the network layer of an IoT system and can be conducted remotely. DDoS attacks are perhaps the most widely known network IoT security risk. Typically, they flood network devices with more requests than they can handle, preventing the server from answering legitimate requests. Using sniffing applications, attackers can perform traffic analysis to infer information from the communication patterns between devices in an IoT network. Even when the payloads are encrypted, this metadata can reveal information without any decryption.

Spoofing, Cloning and Unauthorized Access

RFID attacks include spoofing, cloning and unauthorized access. RFID spoofing is when an attacker impersonates an RFID signal to read and record transmitted data. Cloning occurs when the attacker copies data from a legitimate tag to gain access to an IoT network. Fraudsters can often gain unauthorized access to RFID tags because of poor authentication, which lets them read, change and delete data.

Attackers spoof RFID signals to read and record a data transmission from an RFID tag. They can then use the spoofed tag to send their own data carrying the original tag ID. In this way, an attacker can gain full access to the system by posing as the original source.

Sinkhole Schemes

An attacker can lure all traffic from wireless sensor network (WSN) nodes toward a compromised node, creating a metaphorical sinkhole. This type of attack breaches the confidentiality of the data and also denies service to the network by dropping all packets instead of forwarding them to their intended destination.

In a sinkhole attack, attackers use compromised or malicious nodes to attract packets from neighboring nodes. They can then selectively forward, alter or drop traffic, leading to data confidentiality issues, or deny service to the network.
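The sinkhole behaviour described above, simulated on a small constructed sensor network, with the watchdog-style check a defender can run (added example, not code from the original post; the topology, node names, the compromised node "M" and the forwarding-ratio threshold are all assumptions):

```python
"""Sinkhole attack on a wireless sensor network, simulated, with a watchdog check.
Added example, not from the original post. Topology and node names are constructed:
nodes forward toward sink "S" via the neighbour advertising the lowest hop count.
A compromised node (hypothetical "M") advertises hop count 0 and drops all traffic.
"""
ADJ = {"S": {"A"}, "A": {"S", "B"}, "B": {"A", "C", "M"}, "C": {"B", "D", "M"},
       "D": {"C", "E"}, "E": {"D", "M"}, "M": {"B", "C", "E"}}  # constructed radio links

def advertised_costs(adj, sinkhole=None, lie=0):
    """Distance-vector hop counts to S; the sinkhole always advertises `lie`."""
    cost = {n: float("inf") for n in adj}
    cost["S"] = 0
    for _ in range(len(adj)):  # enough passes for the values to converge
        for n in adj:
            if n != "S":
                cost[n] = lie if n == sinkhole else 1 + min(cost[m] for m in adj[n])
    return cost

def next_hop(adj, cost, node):
    # sorted() gives a deterministic tie-break between equally cheap neighbours
    return min(sorted(adj[node]), key=lambda m: cost[m])

def simulate(adj, sources, sinkhole=None, packets=10):
    """Route `packets` from each source. Returns (delivered, watchdog), where
    watchdog[n] = [handed to n, seen forwarded by n] as an upstream neighbour
    overhearing the radio would record it."""
    cost = advertised_costs(adj, sinkhole)
    delivered, watchdog = 0, {}
    for src in sources:
        for _ in range(packets):
            node = src
            while node != "S":
                nxt = next_hop(adj, cost, node)
                stats = watchdog.setdefault(nxt, [0, 0])
                stats[0] += 1
                if nxt == sinkhole:
                    break  # swallowed: never forwarded
                stats[1] += 1
                node = nxt
            else:
                delivered += 1
    return delivered, watchdog

def suspicious_nodes(watchdog, min_ratio=0.5):
    """Nodes whose observed forwarding ratio falls below the threshold."""
    return sorted(n for n, (rx, fwd) in watchdog.items() if n != "S" and fwd / rx < min_ratio)
```

With sources C, D and E, the honest network delivers all 30 packets; once M lies about its cost, every route bends through M, nothing reaches the sink, and the watchdog counters single out M.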


Cybercriminals can also launch MitM attacks using the network communication protocols. In real time, attackers can interfere in communications between two nodes by posing as a legitimate node. This enables the malicious actor to monitor, eavesdrop on and control communications between the two legitimate nodes.

Attackers might target the routing protocol in IoT networks to alter the traffic flow through a compromised node, reconfigure the network topology, create routing loops, generate false errors or modify source routes. In a Sybil attack, for example, fraudsters create fake node identities or mimic legitimate ones. These are then used to generate false and malicious information to compromise an IoT system.

Software Attacks

The biggest IoT security risks involve software. Software attacks can exploit entire systems, steal information, alter data, deny service and compromise or damage devices.

In a phishing attack, for example, fraudsters gain access by impersonating a legitimate entity to trick users into providing access or credentials. Attackers also use malware, such as viruses, worms and Trojans, to damage or delete data, steal information, monitor users and disrupt key system functions. Meanwhile, malicious ActiveX scripts can target users with access to the network gateway to shut down the IoT system entirely.

Attackers can also target software at the application layer to execute DDoS attacks. In addition to shutting down access to legitimate users, application layer attacks expose databases and sensitive data.

Encryption Attacks

IoT security risks also include attacks that target encryption schemes. Instead of targeting the cryptographic algorithms themselves, side-channel attacks target the implementation of those algorithms. Attackers can infer the encryption key by analyzing physical measurements taken during computation, which reveal the internal state of the device while it is processing.
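An added example of why the implementation, not the algorithm, is what a side channel exploits: a verification routine that stops at the first mismatching byte does an amount of work that depends on the secret, while a constant-time routine does not. This is not code from the original post; the secret, the candidate values and the operation-count model of timing are constructed assumptions.

```python
"""Side channel in a comparison routine: an early-exit byte compare leaks how many
leading bytes of the secret a candidate shares, through its running time.
Added example, not from the original post. Rather than measure noisy wall-clock
time, each compare function returns the number of byte operations it performed,
which is the quantity a timing side channel observes. Values are constructed.
"""
import hmac

SECRET = bytes.fromhex("a1b2c3d4")  # constructed 4-byte MAC / token

def early_exit_compare(secret, candidate):
    """Naive verification: returns (match, operations). Stops at the first
    mismatching byte, so the operation count depends on the secret."""
    ops = 0
    if len(secret) != len(candidate):
        return False, ops
    for a, b in zip(secret, candidate):
        ops += 1
        if a != b:
            return False, ops
    return True, ops

def constant_time_compare(secret, candidate):
    """Hardened verification: always touches every byte, so the work done
    does not depend on where the first difference lies."""
    ops, diff = 0, len(secret) ^ len(candidate)
    for a, b in zip(secret, candidate):
        ops += 1
        diff |= a ^ b
    return diff == 0, ops

def leak_profile(compare, secret, candidates):
    """Operation count observed per candidate; a defender can use this to
    check that a verification routine's cost does not vary with its input."""
    return [compare(secret, c)[1] for c in candidates]

def is_constant_cost(compare, secret, candidates):
    return len(set(leak_profile(compare, secret, candidates))) == 1

# Constructed candidates sharing 0, 1, 2 and 4 correct leading bytes.
CANDIDATES = [bytes.fromhex(h) for h in ("00000000", "a1000000", "a1b20000", "a1b2c3d4")]

if __name__ == "__main__":
    print("early-exit:", leak_profile(early_exit_compare, SECRET, CANDIDATES))
    print("constant  :", leak_profile(constant_time_compare, SECRET, CANDIDATES))
    # In production, use the library routine rather than hand-rolled code.
    print("library   :", hmac.compare_digest(SECRET, CANDIDATES[-1]))
```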

Cryptanalysis attacks attempt to deduce encryption keys by searching for weaknesses in the cryptographic algorithm. Depending on the information available to the attacker, cryptanalysis attacks can take the following forms: ciphertext-only, chosen-plaintext, adaptive-chosen-plaintext, chosen-ciphertext and adaptive-chosen-ciphertext.

Encryption schemes are also vulnerable to MitM attacks in which a malicious actor intercepts communication between two users and decrypts the data using keys it has established separately with each of them. As in other MitM attacks, the users continue to assume they are communicating only with each other.
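The key-exchange MitM described above, worked through on an unauthenticated Diffie-Hellman exchange, followed by the pre-shared-key authentication of the exchanged values that lets the receiving side reject the substituted value (added example, not code from the original post; the toy group parameters, private values, party names and pre-shared key are constructed and deliberately insecure):

```python
"""Man-in-the-middle on an unauthenticated Diffie-Hellman exchange, and how
authenticating the exchanged values with a pre-shared key (PSK) stops it.
Added example, not from the original post. The group is a tiny toy group so the
arithmetic is readable; a real deployment uses a standard group or ECDH curve
and a proper signature or PSK scheme. Names and the PSK are constructed.
"""
import hashlib
import hmac

P, G = 23, 5  # constructed toy modulus and generator (insecure, for illustration)
PSK = b"constructed-demo-psk"

def public_value(private):
    return pow(G, private, P)

def shared_secret(peer_public, private):
    return pow(peer_public, private, P)

def unauthenticated_exchange(a_priv, b_priv, mitm_priv=None):
    """Secrets each party ends up holding. With a MitM, the attacker substitutes
    its own public value in both directions and so holds one key with each side,
    while A and B still believe they share a single key with each other."""
    a_pub, b_pub = public_value(a_priv), public_value(b_priv)
    if mitm_priv is None:
        return {"A": shared_secret(b_pub, a_priv), "B": shared_secret(a_pub, b_priv)}
    m_pub = public_value(mitm_priv)
    return {"A": shared_secret(m_pub, a_priv), "B": shared_secret(m_pub, b_priv),
            "M_with_A": shared_secret(a_pub, mitm_priv),
            "M_with_B": shared_secret(b_pub, mitm_priv)}

def tag(psk, sender, pub):
    """Authentication tag binding a public value to its sender under the PSK."""
    return hmac.new(psk, f"{sender}:{pub}".encode(), hashlib.sha256).digest()

def authenticated_receive(psk, sender, pub, received_tag):
    """Accept a public value only if its tag verifies (constant-time compare)."""
    return hmac.compare_digest(tag(psk, sender, pub), received_tag)

def b_accepts_a_value(psk, a_priv, mitm_priv=None):
    """B receives A's public value with A's tag. A MitM can swap the value but
    cannot recompute the tag without the PSK, so B rejects the substitution."""
    a_pub = public_value(a_priv)
    a_tag = tag(psk, "A", a_pub)
    delivered = a_pub if mitm_priv is None else public_value(mitm_priv)
    return authenticated_receive(psk, "A", delivered, a_tag)
```

With private values 6 and 15 both parties derive the key 2; inserting an attacker with private value 13 leaves A holding 18 and B holding 7, each of which the attacker also holds, while the tagged exchange rejects the swapped value.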

Potential attacks on IoT systems are many and varied. In a future post, we will look at some measures and strategies IT managers can implement to mitigate risks and ensure the security and resilience of their IoT environments.
