New Report Highlights Dangers of Hacked Factory Robots
Earlier this month, computer-security firm Trend Micro, in collaboration with researchers at Polytechnic University of Milan, released a report titled, “Rogue Robots.” No, they weren’t writing about the threat of runaway artificial intelligence or Terminator-like “killer robots.” Rather, they were exploring how malevolent hackers might compromise various kinds of industrial robots, whose number is expected to reach 2.6 million units worldwide by 2019.
The dangers of industrial robots to factory workers have long been well appreciated, which is why most of these machines operate in cages designed to keep people out of harm’s way. But increasingly industrial robots are being designed to work alongside human workers, and such collaborative robots, or cobots, could present unique safety issues should their software be compromised.
The threats that a hacked industrial robot represents go beyond safety concerns, though. There’s the obvious worry about industrial sabotage. That software can do real damage to industrial machinery was well demonstrated by Stuxnet, a cyberweapon that observers believe the U.S. and Israeli governments created to disable the centrifuges Iran was using to enrich uranium.
The Trend Micro report highlights the possibility that imperceptible changes could be introduced into the operation of industrial robots, leading to subtle defects in the goods being produced. This would leave manufacturers open to blackmail—much like the victims of the recent WannaCry ransomware exploit—and the bad guys might demand, “Give us the bitcoin we’re asking for, and we’ll let you know which lot numbers have the faulty brake components.”
For the most part, the kinds of vulnerabilities the report describes sound pretty familiar. Some of this equipment comes with default authentication credentials, which users might not be diligent about changing. The report’s authors write, “[G]iven that most consumer-level routers nowadays come with randomized credentials, we believe that industry-grade devices should follow the same sane approach.” They also say that much of the software running these machines is not properly updated and patched to remove known software vulnerabilities. And the developers producing this code are often a little slipshod when it comes to protecting against hackers, failing sometimes to adopt straightforward measures like code-signing for firmware upgrades.
All of that, worrisome as it is, seemed a little predictable to me. What came as much more of a surprise was the extent to which these industrial robots are connected to the Internet. I would have thought that great pains would always be taken to keep them isolated. When I dabbled in CNC work in my garage several years ago, I was careful to keep my router-toting robot off the Internet for the sake of safety. But apparently that’s not the case in industry these days.
“Indeed, industrial robots—originally conceived to be isolated—have evolved and are now exposed to corporate networks and the Internet,” write the report’s authors, who examined scans of the Internet and easily found many examples of connected industrial robots. “We were looking for connected robots from the top vendors . . . and found several ones, some of which even provided unrestricted access using anonymous credentials (i.e., the authentication system was disabled).”
Another eye-opener for me was learning that “[s]ome vendors implement safety features such as emergency stop (e-stop) buttons in software.” I certainly wouldn’t want to go anywhere near a powerful robot of any sort that didn’t have its big red button connected pretty darn directly to its power source.
I have to wonder, though, whether the report’s authors are being a little alarmist here. I would imagine that any industrial robot must have a hardware emergency shutoff positioned close at hand, perhaps supplemented with software buttons that, all being well, can also be used to stop the robot’s motion. But maybe I’m underestimating people’s willingness to trust software, now that it’s become so deeply baked into our lives.