**2. Vulnerability risks for IoT systems**

Anything that can disrupt the operation, integrity, and availability of an IoT device, or network of IoT devices is a threat. There are different types of threats. There are natural threats, such as floods, earthquakes, or storms. There are unintentional threats that result from accidents or mistakes. Finally, there are deliberate threats that result from ulterior motives. Each of these types of threats can be fatal to the IoT infrastructure.

The IoT risks are divided into four categories (**Figure 1**).


Therefore, the general security requirements for IoT systems (**Figure 2**) must include the following:

**Figure 1.** *IoT risks.*

**Figure 2.**

*IoT security challenges and requirements.*

*Methods for Detection and Prevention of Vulnerabilities in the IoT (Internet of Things) Systems DOI: http://dx.doi.org/10.5772/intechopen.113898*


IoT vulnerability is an integral weakness of the design, configuration, or implementation of the IoT system that weakens protection. Most vulnerabilities can be found in one of these sources:


Although there are only three types of vulnerabilities, they can manifest in many ways. The first security rule is the physical protection of devices and networks. Central hosts and servers should be stored in separate rooms that can only be accessed by authorized personnel (owners). Routers, communications equipment, and portable media (disks, smartcards) should also be stored in secure locations with limited access. As part of this process, individuals and companies must consider the physical and natural environment in which IoT operates. The possibility of earthquakes, fires, floods, and other unforeseen accidents should be considered and properly planned. Accordingly, owners must ensure the security of all media (disks, tapes, smartcards) that contain vital information and make regular data backups.

Communication is the transmission of information through a medium. As such, it is inevitably vulnerable to interception, monitoring, burglary, etc. Owners should also take care of other forms of communication interception (Wi-Fi, antennas, etc.). Network and packet eavesdroppers are common tools that can read network flow.

It is important to note that every network and IoT system has vulnerabilities. Human mistakes, carelessness, laziness, greed, and rage pose the greatest threat to infrastructure with possible high damage. Moreover, human vulnerability and the risks associated with them are the most difficult to defend.
