In this paper, we focus on differential cryptanalysis of a lightweight ARX cipher. These ciphers use three simple arithmetic operations, namely, modular addition, bitwise rotation, and exclusive-OR, and therefore, are designed very well to perform over the Internet-of-Things (IoT) devices. We choose a very well-known ARX cipher designed by the National Security Agency (NSA) of the United States of America in June 2013, named SPECK. SPECK was subjected to several years of detailed cryptanalytic analysis within NSA and has been subjected to academic analysis by researchers worldwide. SPECK is specially optimized for low-cost processors like those used in the IoT devices. We first find the differential paths for all the variants of SPECK, and based on that differential path, we attack the round-reduced variant of the cipher. Finding differential paths in ARX is one of the most difficult and time-consuming problems due to the huge state space. We use a nested-based heuristic technique to find a differential path which is inspired by the nested Monte Carlo search (NMCS) algorithm. NMCS was successfully applied before for different games: Morpion Solitaire, SameGame, and 16 × 16 Sudoku, but the use of such heuristic techniques in cryptography is entirely new and time-saving.