Robots built by leading manufacturers are at critical risk of being hacked and posing a serious threat to people and property, according to cybersecurity researchers.
A research paper titled “Hacking Robots Before Skynet,” published by cybersecurity firm IOActive, details how thousands of home, business and industrial robots have security issues that make them susceptible to cyberattack. The officials from IOActive says that “A robot is just a computer with arms and legs or wheels,therefore the cyber threat is much bigger. Compromised robots can be used to physically damage something or even hurt or kill someone.”
The vulnerabilities present in the robots could also allow hackers to maliciously spy on people via the robot’s microphone and camera, as well as leak personal or business data. The research began in 2016 as robot adoption became more mainstream.
“As robots become more common, so will hacks against them,” Cerrudo from IOActive says. “We saw it with the rise of smart devices and the Internet of Things (IoT), only this time the threat that robots pose is much bigger.”
The company found around 50 cybersecurity flaws across six of the biggest robotics manufacturers: SoftBank Robotics, UBTECH Robotics, ROBOTIS, Universal Robots, Rethink Robotics and Asratec.
IOActive contacted the six robot vendors to disclose the security vulnerabilities. After receiving the report, SoftBank Robotics and Universal said they would be taking action to better protect their devices from cyberattacks, though did not specify what this would be.
In a statement, IOActive said: “All the vendors named have been notified with the specific details of the vulnerabilities identified in their respective systems in the course of responsible disclosure. As we are still in the disclosure process we are unable to speak to what actions each of the vendors are taking in response to its notifications.”
SoftBank’s “friendly” humanoid robot Pepper is used in retail stores in Japan, Singapore and parts of the U.S. to assist customers, and around 10,000 units have sold since they first went on sale in Japan in 2015. IOActive plans to release precise details of the vulnerabilities in several months, after the robotics firms have had time to patch the problems.
“There is some basic security protections in place, but in general they are very insecure,” Lucas Apa, a senior security consultant at IOActive, tells.”One of the main issues is that of authentication. It is possible to access and interact with many of the robots without providing any kind of security credentials.”
“As far as we’re aware, no robots have been hacked yet. However, we’ve seen people die or injured due to incidents with industrial or medical robots, so you can see what the potential is.”
Important YDS Vocabulary