As it was already told in the previous point, IoT is the problematic platform giving very ample opportunities not only for direct users but also and for violators. As well as by operation with any other information technologies, IoT includes the range of utterly different vulnerabilities, beginning from a human factor (inadvertent errors of maintenance), finishing with shortcomings of the firmware of devices. Indeed, to provide the due protection level, it is necessary to define and whenever possible to eliminate the highest possible number of such vulnerabilities [1].
The first question concerns the problems connected to the safety of the web interfaces which are built in IoT devices which allow the user to interact with the device, but at the same time can allow the malefactor to get illegal access to the device. Specific vulnerabilities of safety, which can lead to this problem include:
It is also possible to select the specific area of vulnerabilities considering the ineffective mechanisms authenticating users of IoT or bad mechanisms of authorisation. Specific vulnerabilities of safety, which can lead to these problems include:
Vulnerabilities in network services which are used for access to the IoT device allowing the malefactor to get illegal access to the device or the related data should not be underestimated. Specific vulnerabilities of safety, which can lead to this problem include:
The insufficient configuration of safety is relevant when users of the device have limited opportunities or cannot change the safety of the control. The poor shape of security is apparent when the web interface of the device has no possibility of the creation of detailed user permissions or, for example, for forced use of reliable passwords. The risk with it is that the IoT device could be attacked easier, allowing illegal access to the device or data. Specific vulnerabilities of safety, which can lead to this problem include:
There is also a set of the vulnerabilities using shortcomings of mobile and cloudy interfaces. The range of these vulnerabilities is truly wide because it includes all types of vulnerabilities: the human factor expressing in carelessness and inadvertent errors, negligent attitude to a configuration of IoT devices, etc. [2].
Weaknesses of physical security are relevant when the malefactor can get physical access to the data media and any data which are stored on this carrier. Deficiencies are also present when USB ports or other external ports can be used for access to the device with use of the functions intended for setup or service. It can lead to illegal access to the device or data.