Authors : Nonso Okika; Gift Aruchi Nwatuzie; Loveth Odozor; Olamide Oni; Idoko Peter Idoko

Volume/Issue : Volume 10 - 2025, Issue 2 - February

Google Scholar : https://tinyurl.com/2d5rfnac

Scribd : https://tinyurl.com/yt7nkkx2

DOI : https://doi.org/ 10.5281/zenodo.14964285

Abstract : The rapid adoption of the Internet of Things (IoT) in critical infrastructure has revolutionized public utilities by enhancing automation, operational efficiency, and real-time monitoring. However, this increased connectivity also introduces significant cybersecurity vulnerabilities that pose risks to essential services, including power grids, water supply systems, transportation networks, and healthcare facilities. Cyberattacks targeting IoT-driven infrastructure can lead to large-scale service disruptions, economic losses, and threats to public safety. This study examines the cybersecurity risks associated with IoT-enabled critical infrastructure and evaluates the effectiveness of existing security frameworks in mitigating these vulnerabilities. By analyzing case studies of cyber incidents and current industry practices, the paper identifies key weaknesses in traditional security approaches. The study proposes a multi-layered security strategy incorporating artificial intelligence (AI)-driven threat detection, blockchain-based security mechanisms, and robust authentication protocols to enhance resilience against emerging threats. Additionally, it explores regulatory and policy recommendations to strengthen compliance and standardization in IoT cybersecurity. The findings underscore the need for proactive and adaptive security measures to safeguard public utilities and prevent large-scale disruptions, ensuring the reliability and safety of critical infrastructure in an increasingly interconnected world.

Keywords : IoT Security, Critical Infrastructure, Cybersecurity Threats, Public Utilities, AI-Driven Security, Blockchain, Cyber Resilience.

References :

[1].    Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A survey. *Journal of Network and Computer Applications, 88*, 10–28. https://doi.org/10.1016/j.jnca.2017.04.002  
[2].    Alhazmi, N., & Aloufi, S. (2023). Assessing security gaps in IoT-enabled critical infrastructure: Challenges and solutions. *Computers & Security, 125*, 103487. https://doi.org/10.1016/j.cose.2023.103487  
[3].    Ali, R., Ahmed, S., & Khan, M. (2022). Data-driven cybersecurity risk analysis for IoT ecosystems: Challenges and methodologies. *IEEE Transactions on Information Forensics and Security, 17(8)*, 1467–1482. https://doi.org/10.1109/TIFS.2022.3147584  
[4].    Bello, O., & Zeadally, S. (2022). Intelligent security solutions for IoT-enabled critical infrastructure: Challenges and future directions. *IEEE Internet of Things Journal, 9(8)*, 6254–6271. https://doi.org/10.1109/JIOT.2022.3140014  
[5].    Brown, T., & Henderson, P. (2022). Ethical considerations in IoT cybersecurity: Privacy, surveillance, and transparency. *Journal of Ethics in Information Technology, 15(4)*, 243–262. https://doi.org/10.1016/j.jeit.2022.103789  
[6].    Chang, S., Li, X., & Yu, J. (2023). Emerging cybersecurity threats in 5G-enabled IoT networks. *IEEE Transactions on Information Forensics and Security, 18(1)*, 1435–1452. https://doi.org/10.1109/TIFS.2023.3291857  
[7].    Chen, Y., Patel, H., & Liu, M. (2023). Risk quantification models for IoT cybersecurity: A comprehensive analysis. *IEEE Transactions on Dependable and Secure Computing, 20(3)*, 1254–1271. https://doi.org/10.1109/TDSC.2023.3197645  
[8].    Ferrag, M. A., Maglaras, L. A., Derhab, A., & Janicke, H. (2022). Deep learning for cybersecurity in IoT-enabled critical infrastructures: A comprehensive survey. *Future Generation Computer Systems, 129*, 1–24. https://doi.org/10.1016/j.future.2021.11.013  
[9].    Fernández-Caramés, T. M., & Fraga-Lamas, P. (2020). Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. *IEEE Access, 8*, 21091–21116. https://doi.org/10.1109/ACCESS.2020.2968985  
[10].    Goyal, P., Sharma, V., & Jain, R. (2022). Cybersecurity risk quantification in IoT-based critical infrastructure: An analytical approach. *Journal of Cybersecurity and Privacy, 4(2)*, 102–120. https://doi.org/10.1016/j.jcyp.2022.103122  
[11].    Gupta, L., Samarin, N., Taha, A., & Liu, Y. (2021). A survey on security and privacy issues in modern energy systems using IoT and AI. *IEEE Access, 9*, 152849–152870. https://doi.org/10.1109/ACCESS.2021.3127871  
[12].    Gupta, R., Sharma, A., & Kumar, P. (2022). Cybersecurity challenges in IoT: A critical analysis of existing solutions and future directions. *Journal of Information Security and Applications, 67*, 103311. https://doi.org/10.1016/j.jisa.2022.103311  
[13].    Hassan, W. U., Bates, A., & Egele, M. (2021). IoT security: From research to reality. *IEEE Security & Privacy, 19(5)*, 42–50. https://doi.org/10.1109/MSEC.2021.3109993  
[14].    Hemsley, K. E., & Fisher, R. E. (2018). A history of cyber incidents and threats involving industrial control systems. *Idaho National Laboratory Technical Report*, 1–32. https://doi.org/10.2172/1483232  
[15].    Humayed, A., Lin, J., Li, F., & Luo, B. (2017). Cyber-physical systems security—A survey. *IEEE Internet of Things Journal, 4(6)*, 1802–1831. https://doi.org/10.1109/JIOT.2017.2703172  
[16].    Idoko, I. P., David-Olusa, A., Badu, S. G., Okereke, E. K., Agaba, J. A., & Bashiru, O. (2024f). The dual impact of AI and renewable energy in enhancing medicine for better diagnostics, drug discovery, and public health. *Magna Scientia Advanced Biology and Pharmacy, 12(02)*, 099–127.  
[17].    Idoko, I. P., Ijiga, O. M., Agbo, D. O., Abutu, E. P., Ezebuka, C. I., & Umama, E. E. (2024a). Comparative analysis of Internet of Things (IoT) implementation: A case study of Ghana and the USA-vision, architectural elements, and future directions. *World Journal of Advanced Engineering Technology and Sciences, 11(1)*, 180-199.  
[18].    Idoko, I. P., Ijiga, O. M., Enyejo, L. A., Akoh, O., & Ileanaju, S. (2024b). Harmonizing the voices of AI: Exploring generative music models, voice cloning, and voice transfer for creative expression.  
[19].    Idoko, I. P., Ijiga, O. M., Enyejo, L. A., Ugbane, S. I., Akoh, O., & Odeyemi, M. O. (2024c). Exploring the potential of Elon Musk's proposed quantum AI: A comprehensive analysis and implications. *Global Journal of Engineering and Technology Advances, 18(3)*, 048-065.  
[20].    Idoko, I. P., Ijiga, O. M., Enyejo, L. A., Akoh, O., & Isenyo, G. (2024d). Integrating superhumans and synthetic humans into the Internet of Things (IoT) and ubiquitous computing: Emerging AI applications and their relevance in the US context. *Global Journal of Engineering and Technology Advances, 19(01)*, 006-036.  
[21].    Idoko, I. P., Ijiga, O. M., Harry, K. D., Ezebuka, C. C., Ukatu, I. E., & Peace, A. E. (2024e). Renewable energy policies: A comparative analysis of Nigeria and the USA.  
[22].    Ijiga, A. C., Aboi, E. J., Idoko, P. I., Enyejo, L. A., & Odeyemi, M. O. (2024a). Collaborative innovations in Artificial Intelligence (AI): Partnering with leading U.S. tech firms to combat human trafficking. *Global Journal of Engineering and Technology Advances, 18(03)*, 106-123.  
[23].    Ijiga, A. C., Abutu, E. P., Idoko, P. I., Agbo, D. O., Harry, K. D., Ezebuka, C. I., & Umama, E. E. (2024b). Ethical considerations in implementing generative AI for healthcare supply chain optimization: A cross-country analysis across India, the United Kingdom, and the United States of America. *International Journal of Biological and Pharmaceutical Sciences Archive, 07(01)*, 048–063.  
[24].    Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). DDoS in the IoT: Mirai and other botnets. *Computer, 50(7)*, 80–84. https://doi.org/10.1109/MC.2017.201  
[25].    Kumar, S., Patel, H., & Singh, M. (2021). IoT security challenges in critical infrastructure: Current landscape and future research. *IEEE Transactions on Dependable and Secure Computing, 18(6)*, 3521–3538. https://doi.org/10.1109/TDSC.2021.3054392  
[26].    Kumar, S., Patel, H., & Singh, M. (2023). Anomaly detection techniques for IoT-driven cybersecurity: A machine learning perspective. *IEEE Transactions on Dependable and Secure Computing, 20(4)*, 1778–1792. https://doi.org/10.1109/TDSC.2023.3098762  
[27].    Li, X., & Zhao, H. (2022). Bias and fairness in AI-driven cybersecurity: Challenges and mitigation strategies. *IEEE Transactions on Artificial Intelligence, 3(6)*, 478–493. https://doi.org/10.1109/TAI.2022.3165437  
[28].    Liang, X., Wang, R., & Zhang, Y. (2022). AI-driven cyberattacks and countermeasures in IoT-enabled critical infrastructure. *Future Generation Computer Systems, 135*, 89–102. https://doi.org/10.1016/j.future.2022.08.003  
[29].    Nasir, A., Qadir, J., & Ahmed, A. (2023). Strengthening IoT authentication frameworks: A review of blockchain-based security solutions. *IEEE Access, 11*, 19371–19388. https://doi.org/10.1109/ACCESS.2023.3230911  
[30].    Nguyen, D. C., Pathirana, P. N., Ding, M., & Seneviratne, A. (2022). Blockchain for 5G and beyond networks: A state-of-the-art survey. *Journal of Network and Computer Applications, 204*, 103416. https://doi.org/10.1016/j.jnca.2022.103416  
[31].    Nguyen, D. C., Pathirana, P. N., Ding, M., & Seneviratne, A. (2023). Blockchain for securing IoT-driven critical infrastructure: Challenges and future research directions. *Journal of Network and Computer Applications, 207*, 103453. https://doi.org/10.1016/j.jnca.2023.103453  
[32].    Rahman, A., & Lee, J. (2022). Bayesian models for cyber risk prediction in IoT-enabled infrastructure. *Journal of Network and Computer Applications, 199*, 103480. https://doi.org/10.1016/j.jnca.2022.103480  
[33].    Rahman, A., Qureshi, T., & Lee, J. (2022). Cyber risk assessment methodologies for IoT-driven critical infrastructure. *Journal of Network and Computer Applications, 199*, 103480. https://doi.org/10.1016/j.jnca.2022.103480  
[34].    Rajendran, R., Gupta, S., & Rao, P. (2022). Securing IoT supply chains: Challenges and blockchain-based solutions. *Journal of Network and Computer Applications, 208*, 103471. https://doi.org/10.1016/j.jnca.2022.103471  
[35].    Sadeghi, A.-R., Wachsmann, C., & Waidner, M. (2016). Security and privacy challenges in industrial Internet of Things. *Proceedings of the 52nd ACM/EDAC/IEEE Design Automation Conference (DAC)*, 1–6. https://doi.org/10.1145/2897937.2898083  
[36].    Sharma, P., Bhatt, A., & Venkatesh, A. (2022). Incident response planning for IoT security in smart cities and critical infrastructure. *Future Generation Computer Systems, 134*, 229–245. https://doi.org/10.1016/j.future.2022.02.009  
[37].    Shen, J., Tang, J., Li, J., & Du, X. (2020). Cybersecurity risks in IoT-driven smart cities: An in-depth review. *IEEE Communications Surveys & Tutorials, 22(2)*, 1311–1333. https://doi.org/10.1109/COMST.2020.2971783  
[38].    Sikder, A. K., Acar, A., Ferrag, M. A., & Aksu, H. (2021). From vulnerabilities to attacks in IoT networks: A comprehensive survey. *IEEE Communications Surveys & Tutorials, 23(3)*, 1351–1396. https://doi.org/10.1109/COMST.2021.3070747  
[39].    Wang, H., & Kim, D. (2021). The impact of deepfake technology on IoT security: Risks and mitigation strategies. *IEEE Internet of Things Journal, 8(7)*, 5482–5498. https://doi.org/10.1109/JIOT.2021.3057123  
[40].    Wang, P., & Li, R. (2023). Machine learning-based anomaly detection for IoT cybersecurity: A support vector approach. *Computers & Security, 127*, 103640. https://doi.org/10.1016/j.cose.2023.103640  
[41].    Wang, Y., Zhang, P., & Liu, T. (2023). Quantum computing and its implications for IoT cybersecurity. *Journal of Cryptographic Engineering, 13(2)*, 211–230. https://doi.org/10.1007/s13389-023-00290-7  
[42].    Zhou, B., Jin, B., Xu, Z., & Li, H. (2022). A survey on IoT security: Requirements, challenges, and solutions. *Future Generation Computer Systems, 134*, 46–60. https://doi.org/10.1016/j.future.2022.04.004  
[43].    Zhou, J., Liu, W., & Chen, R. (2023). Privacy-preserving encryption techniques for IoT security: A cryptographic approach. *Computers & Security, 127*, 103812. https://doi.org/10.1016/j.cose.2023.103812