SYSTEMATIC REVIEW OF CYBERSECURITY THREATS IN IOT DEVICES FOCUSING ON RISK VECTORS VULNERABILITIES AND MITIGATION STRATEGIES

Abstract

The rapid proliferation of Internet of Things (IoT) devices across various industries has introduced significant cybersecurity challenges, exposing critical infrastructures, smart systems, and personal devices to sophisticated cyber threats. This systematic review examines the major cybersecurity vulnerabilities in IoT ecosystems, focusing on device-level security risks, network-layer threats, application-layer vulnerabilities, and supply chain security issues. The study follows the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines, ensuring a structured, transparent, and rigorous evaluation of existing literature. A total of 120 peer-reviewed articles were analyzed, encompassing empirical research, theoretical studies, and systematic reviews published in reputable academic journals and conference proceedings. The findings reveal that weak authentication mechanisms, firmware vulnerabilities, insecure communication protocols, and supply chain risks remain persistent challenges, making IoT devices highly susceptible to botnet recruitment, malware propagation, ransomware attacks, and large-scale Distributed Denial-of-Service (DDoS) attacks. Additionally, the study identifies the limitations of conventional security solutions, emphasizing that resource-constrained IoT devices often lack robust encryption, real-time intrusion detection, and automated security updates, leaving them vulnerable to evolving cyber threats. While AI and machine learning-based intrusion detection systems offer promising advancements in threat mitigation and predictive cybersecurity, adversarial AI techniques introduce new risks that require continuous refinement of security models. The review also highlights regulatory and compliance gaps, stressing the urgent need for standardized security frameworks to ensure uniform protection across diverse IoT environments. Ultimately, this study underscores the necessity for a multi-layered security approach, integrating technological advancements, regulatory enforcement, and industry-wide collaboration to enhance IoT cybersecurity resilience. The insights provided in this review contribute to the growing body of knowledge on IoT security and serve as a foundation for future research, policy development, and practical cybersecurity implementations in smart and connected systems.