The Four Types of IoT Attacks

A Taxonomy of IoT Attacks

Internet of Things? Maybe we should call it the Internet of Targets. New devices are being developed so rapidly that the news media can hardly keep up. Equally rapid is the development of new ways to exploit vulnerabilities found in these devices.

There’s more than one way to attack a device, and more than one motivation for doing so. Knowing the kinds of attacks is essential to “designing in” the security. The purpose of this article is to help you understand the different categories of attacks, and give an overview of the appropriate countermeasures for each type.

(Quick hint: if you’re an investor, understand these four categories so you can ask the company relevant questions. Make sure they’re addressing the vulnerabilities at every stage of design and production before you invest).

Here are the major categories of IoT attacks.

Category I – Attacks on Data

Attacks on data fall into three sub-classifications.

Steal the data

Explanation: In some circumstances, the data that is collected and transmitted on an IoT endpoint has monetary value.

Solution: Consider whether or not the information on your IoT network can be monetized. If so, device authentication and data encryption are a couple of possible protections.

Alter the data