Analysis of Cyber Attacks within Critical IoT Infrastructures and Information Systems
DOI:
https://doi.org/10.47672/ejt.2617Keywords:
Internet of Things, security, critical infrastructure, information systems, cyber attacksAbstract
Purpose: This research aims were to provide valuable insights into the potentials, risks, and best practices of deploying IoT in critical sectors, thus contributing to the knowledge base and fostering decision-making. The goal was to identify the possible types of cyber-attacks, take various precautions against these attacks, and to develop protection methods.
Materials and Methods: To attain this goal, we conducted a series of targeted questionnaires with a sample size of 100 and 89 responded to the questionnaire. The primary data collected from the respondents was analysed with a statistical package for social science (SPSS) and the results were summarised in pie charts and frequency tables.
Findings: The result showed that 80.9% of the respondents were familiar with the concept of connected devices, a fundamental principle of IoT, 54% of them believed that IoT infrastructures in their sector were secure to a high or very high extent while 46% perceived them as only somewhat secure or not secure at all. On the other hand, 83.1% of respondents believed that there was a high or very high need for stricter regulations regarding the cybersecurity of critical IoT infrastructures.
Implications to Theory, Policy and Practice: The researchers proposed a framework for enhancing the security posture of critical IoT infrastructures. This framework encompasses a combination of technological measures, and policy recommendations. In addition to this, they also recommended; Investing in the development of robust and reliable internet infrastructure to support the widespread deployment of IoT devices and enable seamless connectivity across the country. Providing training programs and workshops to enhance the technical skills of professionals in IoT technologies, cybersecurity, data analytics, and information systems management and implementing small-scale pilot projects in different sectors, such as healthcare, agriculture, transportation, or energy, to evaluate the feasibility and effectiveness of IoT infrastructures and information systems in the Cameroonian context. Conducting research to identify the specific needs and challenges in implementing IoT infrastructures and information systems in Cameroon, and developing tailored solutions to address them.
Keywords: Internet of Things, security, critical infrastructure, information systems, cyber attacks
Downloads
References
Abiodun, O., Omolara, O., Alawida, M., Alkhawaldeh, R., & Arshad, H. (2021). A Review on the Security of the Internet of Things: Challenges and Solutions. Wireless Personal Communications, 119, 1–35. https://doi.org/10.1007/s11277-021-08348-9
Acharya, B., Garikapati, K., Yarlagadda, A., & Dash, S. (2022). Internet of things (IoT) and data analytics in smart agriculture: Benefits and challenges (pp. 3–16). https://doi.org/10.1016/B978-0-12-823694-9.00013-X
Affia, A. O., Finch, H., Jung, W., Samori, I. A., Potter, L., & Palmer, X.-L. (2023). IoT Health Devices: Exploring Sec:urity Risks in the Connected Landscape. IoT, 4(2), Article 2. https://doi.org/10.3390/iot4020009
Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A survey. Journal of Network and Computer Applications, 88, 10–28. https://doi.org/10.1016/j.jnca.2017.04.002
Alaine, B. T. (2 August 2023). How AI and IoT are driving SDGs in Cameroon and Beyond. Retrieved 27 January 2025, sur https://www.linkedin.com/pulse/how-ai-iot-driving-sdgs-cameroon-beyond-bate-tabenyang-alaine
Alcaraz, C., & Zeadally, S. (2015). Critical infrastructure protection: Requirements and challenges for the 21st century. International Journal of Critical Infrastructure Protection, 8, 53–66. https://doi.org/10.1016/j.ijcip.2014.12.002
Al Sadawi, A., Hassan, M., & Ndiaye, M. (2024). Blockchain Technology for IoT Security and Trust: A Comprehensive SLR.
Baykara, M., & Daş, R. (2015). A Survey on Potential Applications of Honeypot Technology in Intrusion Detection Systems. International Journal of Computer Networks and Applications, 2(5).
Bou-Harb, E., Fachkha, C., Pourzandi, M., Debbabi, M., & Assi, C. (2013). Communication security for smart grid distribution networks. IEEE Communications Magazine, 51(1), 42–49. https://doi.org/10.1109/MCOM.2013.6400437
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & Security, 56, 1–27. https://doi.org/10.1016/j.cose.2015.09.009
Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48–52. https://doi.org/10.1016/j.maturitas.2018.04.008
D. E. Whitehead, K. Owens, D. Gammel, and J. Smith. (2017). Ukraine cyber-induced power outage: Analysis and practical mitigation strategies | IEEE Conference Publication | IEEE Xplore. https://ieeexplore.ieee.org/document/8090056
DAILY SABAH. (2019). Cyberattacks blamed for Sunday’s internet disruption across Turkey | Daily Sabah. https://www.dailysabah.com/turkey/2019/10/28/cyberattacks-blamed-for-sundays-internet-disruption-across-turkey
Das, R., & Gündüz, M. Z. (2019). Analysis of Cyber-Attacks in IoT-based Critical Infrastructures.
Demi̇Rol, D., Daş, R., & Baykara, M. (2013). SQL Enjeksiyon Saldırı Uygulaması ve Güvenlik Önerileri.
E. Luiijf, I. Žutautaite, and B. M. Hämmerli. (2018). Critical Information Infrastructures Security: 13th International Conference, CRITIS 2018, Kaunas, Lithuania, September 24-26, 2018, Revised Selected Papers [1st ed.] 978-3-030-05848-7, 978-3-030-05849-4. Dokumen.Pub. https://dokumen.pub/critical-information-infrastructures-security-13th-international-conference-critis-2018-kaunas-lithuania-september-24-26-2018-revised-selected-papers-1st-ed-978-3-030-05848-7-978-3-030-05849-4.html
Ericsson, 2020. (n.d.). The Internet of Things (IoT) technology. Retrieved 4 October 2023, from https://www.ericsson.com/en/internet-of-things
Google Forms. (2023). In Wikipedia. https://en.wikipedia.org/w/index.php?title=Google_Forms&oldid=1178230779
Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7), 1645–1660. https://doi.org/10.1016/j.future.2013.01.010
Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., & Sikdar, B. (2019). A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures [Review]. Scopus OA2019; Institute of Electrical and Electronics Engineers Inc. https://scholarbank.nus.edu.sg/handle/10635/210052
Heath Muchena. (2019, November 13). African CIOs look to IoT for critical infrastructure applications. CIO. https://www.cio.com/article/215734/african-cios-look-to-iot-for-critical-infrastructure-applications.html
ISACA. (2019). Security Issues in IoT: Challenges and Countermeasures. ISACA. https://www.isaca.org/resources/isaca-journal/issues/2019/volume-1/security-issues-in-iot-challenges-and-countermeasures
J. P. Shim. (2019). Kinetic Threats and IoT Cybersecurity Cyber-physical Systems and Industrial IoT Cybersecurity: Issues and Solutions Emergent Research Forum (ERF) Paper. ResearchGate. https://www.researchgate.net/publication/344889050_Kinetic_Threats_and_IoT_Cybersecurity_Cyber-physical_Systems_and_Industrial_IoT_Cybersecurity_Issues_and_Solutions_Emergent_Research_Forum_ERF_Paper
J. Wilkins. (2019). Key Steps to Safeguard Industrial Environments from Cyber Threats. https://trout.software/blog/10-steps-to-protect-industrial-environments-from-cyber-threats
Kimani, K., Oduol, V., & Langat, K. (2019a). Cyber security challenges for IoT-based smart grid networks. International Journal of Critical Infrastructure Protection, 25, 36–49. https://doi.org/10.1016/j.ijcip.2019.01.001
Kimani, K., Oduol, V., & Langat, K. (2019b). Cyber security challenges for IoT-based smart grid networks. International Journal of Critical Infrastructure Protection, 25, 36–49. https://doi.org/10.1016/j.ijcip.2019.01.001
Kimani, K., Oduol, V., & Langat, K. (2019c). Cyber security challenges for IoT-based smart grid networks. International Journal of Critical Infrastructure Protection, 25(C), 36–49.
Liu, X., Qian, C., Hatcher, W. G., Xu, H., Liao, W., & Yu, W. (2019). Secure Internet of Things (IoT)-Based Smart-World Critical Infrastructures: Survey, Case Study and Research Opportunities. IEEE Access, 7, 79523–79544. https://doi.org/10.1109/ACCESS.2019.2920763
M. Li, W. Huang, Y. Wang, W. Fan, and J. Li. (2016). The study of APT attack stage model. ResearchGate. https://www.researchgate.net/publication/306925657_The_study_of_APT_attack_stage_model
Mansha Kapoor. (2023, August 11). IoT in Transportation: The Role of IoT Solutions in Transforming Mobility | CognitiveClouds Blog. https://www.cognitiveclouds.com/insights/iot-in-transportation
Maple, C. (2017). Security and privacy in the internet of things. Journal of Cyber Policy, 2(2), 155–184. https://doi.org/10.1080/23738871.2017.1366536
Mercan, S., Akkaya, K., Cain, L., & Thomas, J. (2020). Security, Privacy and Ethical Concerns of IoT Implementations in Hospitality Domain (No. arXiv:2009.10187). arXiv. http://arxiv.org/abs/2009.10187
Mezam. (2024). Mapcarta. https://mapcarta.com/16799338
Microsoft Windows 10 Pro. (n.d.). StackSocial. Retrieved 4 October 2023, from https://www.stacksocial.com/sales/stacksocial.com/sales/microsoft-windows-10-pro
Miller, B., & Rowe, D. (2012). A survey SCADA of and critical infrastructure incidents. Proceedings of the 1st Annual Conference on Research in Information Technology, 51–56. https://doi.org/10.1145/2380790.2380805
Moffa, A. (2024). Implementing Zero-trust to IoT Solutions. Retrieved on https://www.ptc.com/en/
Paré, G., & Kitsiou, S. (2017). Chapter 9 Methods for Literature Reviews. In Handbook of eHealth Evaluation: An Evidence-based Approach [Internet]. University of Victoria. https://www.ncbi.nlm.nih.gov/books/NBK481583/
R. Da¸s, A. Karabade, and G. Tuna. (2015). Common network attack types and defense mechanisms,. https://www.researchgate.net/publication/350374715_Analysis_of_cyber-attacks_in_IoT-based_critical_infrastructures
Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), 2266–2279. https://doi.org/10.1016/j.comnet.2012.12.018
Sánchez, H. S., Rotondo, D., Escobet, T., Puig, V., & Quevedo, J. (2019). Bibliographical review on cyber attacks from a control oriented perspective. Annual Reviews in Control, 48, 103–128. https://doi.org/10.1016/j.arcontrol.2019.08.002
Sarker, I. H., Kayes, A. S. M., Badsha, S., Alqahtani, H., Watters, P., & Ng, A. (2020). Cybersecurity data science: An overview from machine learning perspective. Journal of Big Data, 7(1), 41. https://doi.org/10.1186/s40537-020-00318-5
Sean, L. (2020). Taiwan’s state-owned company CPC Corp. Suffers ransomware attack—CyberScoop. https://cyberscoop.com/cpc-corp-ransomware-attack-taiwan-trend-micro/
Segovia, M., Cavalli, A., Cuppens-Boulahia, N., & Garcia-Alfaro, J. (2019). A Study on Mitigation Techniques for SCADA-Driven Cyber-Physical Systems (Position Paper) (pp. 257–264). https://doi.org/10.1007/978-3-030-18419-3_17
Ślusarczyk, B. (2018). INDUSTRY 4.0-ARE WE READY? Polish Journal of Management Studies, 17. https://doi.org/10.17512/pjms.2018.17.1.19
SPSS. (2023). In Wikipedia. https://en.wikipedia.org/w/index.php?title=SPSS&oldid=1171239082
Stouffer, K. (2023). Guide to Operational Technology (OT) Security (No. NIST SP 800-82r3; p. NIST SP 800-82r3). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-82r3
Tahiru, A. (2018). CYBERSECURITY IN AFRICA: THE THREATS AND CHALLANGES. 3(5).
Tariq, N., Khan, F. A., & Asim, M. (2021). Security Challenges and Requirements for Smart Internet of Things Applications: A Comprehensive Analysis. Procedia Comput. Sci., 191(C), 425–430. https://doi.org/10.1016/j.procs.2021.07.053
Team, T. (2021, October 21). How IoT Works? TechVidvan. https://techvidvan.com/tutorials/how-iot-works/
Thales. (2022). Top IoT security issues and challenges (2022) – Thales. https://www.thalesgroup.com/en/markets/digital-identity-and-security/iot/magazine/internet-threats
Thomas Brinkhoff. (2017). Mfoundi (Department, Cameroon)—Population Statistics, Charts, Map and Location. https://www.citypopulation.de/en/cameroon/admin/0207__mfoundi/
Tracey, T. (2024, January 3). Phishing Attacks: A Recent Comprehensive Study and a New Anatomy. CybSafe. https://www.cybsafe.com/research-library/phishing-attacks-a-comprehensive-study/
Ugur, N. G., & Barutcu, M. T. (2018). A Critical Analysis on Internet of Things: Features and Vulnerabilities.
wang wei. (2018). Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer. The Hacker News. https://thehackernews.com/2018/04/iot-hacking-thermometer.html
Weber, R. H. (2010). Internet of Things – New security and privacy challenges. Computer Law & Security Review, 26(1), 23–30. https://doi.org/10.1016/j.clsr.2009.11.008
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security challenges in manufacturing systems. Manufacturing Letters, 2(2), 74–77. https://doi.org/10.1016/j.mfglet.2014.01.005
Zhang, X., Upton, O., Beebe, N. L., & Choo, K.-K. R. (2020). IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers. Forensic Science International: Digital Investigation, 32, 300926. https://doi.org/10.1016/j.fsidi.2020.300926
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Suh Charles Forbacha, Tambou Guemgne Eudoxie Juliana
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
