19 September 2023

Research pick: Understanding cyberthreats in IoT networks - "A comparative framework for cyber threat modelling: case of healthcare and industrial control systems"

Cyberattacks are a major problem for all kinds of organizations, with the potential to compromise e-commerce, government, and healthcare. Research in the International Journal of Critical Infrastructures highlights how Internet of Things (IoT) devices, which are not necessarily as well protected as conventional computers in terms of firewalls, antivirus, and malware protection, can represent an important vulnerability in a system. Such threats extend beyond potential financial loss: they can disrupt infrastructure and government, and even threaten human lives, particularly in healthcare facilities.

Taofeek Mobolarinwa Balogun and Hayretdin Bahsi of Tallinn University of Technology in Tallinn, Estonia, and Omer F. Keskin and Unal Tatar of the University at Albany, State University of New York, USA, offer a comparative framework for modelling the threat of cyber attack on IoT devices and networks.

The team’s new framework can be used to evaluate particular vulnerabilities within an IoT network from the perspective of a putative third-party attacker. The framework can critically assess which factors determine the level of sophistication needed to carry out a successful cyberattack that causes damage to the system. The more common practice is not to consider the sophistication of an attacker at all, but simply to harden firewalls, keep antimalware software up to date, and hope these are sufficient to protect the system from attack. The factors considered include accessibility, stealth, technical ability, and time. Given enough of each, a sufficiently sophisticated attacker might be able to breach any security. Knowing just how sophisticated an attacker needs to be gives the IoT network manager the opportunity to increase the requisite level of defence.

The team demonstrated that two distinct IoT network types, SCADA (Supervisory Control and Data Acquisition) infrastructure and healthcare IoT infrastructure, demand different levels of sophistication from an attacker. SCADA networks demand greater expertise and sophistication compared with healthcare IoT networks. This suggests that there is a need for a bespoke approach to fortifying different types of critical systems. Understanding this requirement is an important part of allowing decision-makers at national and organizational levels to counter threats proactively without the need to over-extend security on more sophisticated systems that are intrinsically less vulnerable.

Balogun, T.M., Bahsi, H., Keskin, O.F. and Tatar, U. (2023) ‘A comparative framework for cyber threat modelling: case of healthcare and industrial control systems’, Int. J. Critical Infrastructures, Vol. 19, No. 5, pp.405–431.
