Hacked robots can be a deadly insider threat (humanoid home/business/industrial robots)

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
IOActive researchers have probed the security of a number of humanoid home and business robots as well industrial collaborative robots, and have found it seriously wanting.

A slew of vulnerabilities – authentication/authorization issues and bypasses, insecure transport of data and firmware update mechanisms, undocumented methods, hard-coded passwords, unencrypted storage, easily disabled human safety protections – can be exploited to allow attackers to spy on users, hijack the robots, brick them and, what’s even worse, injure humans around them.

The researchers documented their findings in three separate advisories, pointing out issues in UBTech’s Alpha small-sized humanoid robots, SoftBank Robotics’ Pepper and NAO small and human-sized interactive companion robots, and Universal Robots’ cobots – “mechanical arms” that work with humans without any physical separation.
Click to expand...

In the accompanying report, they also included vulnerabilities found in software for ROBOTIS’ humanoid robotic kits, Asratec’s robot control system (V-Sido OS), and Rethink Robotics’ Baxter industrial robot.

“Since robots interact mostly with end-users, physical access is acceptable and expected. Home and business robots typically interact with family members, home visitors, customers or employees, while industrial and collaborative robots interact with company’s workers. Physical attacks are possible when adversaries can access to the robot’s hardware or mechanics to modify it’s behaviour or set up a persistent threat,” the researchers explained.

These robots usually have exposed connectivity ports that allow physically present users to fiddle with them (via special USB devices, Ethernet connections), but unfortunately there are also ways for remote attackers to interfere with the robots’ safety features (collision detection and avoidance mechanisms), which can result in serious injuries.

Some of the robots – e.g. UBTech’s Alpha 1S robot – can be bricked by sending a tampered firmware image via Bluetooth.
Click to expand...
 
  • Like
Reactions: NikolayfromRussia, Der.Reisende, monsterturckpa and 1 other person
sam borrego

sam borrego

New Member
Aug 30, 2017
2
but what do you do when your physical life of hand and eye have the ability to see and upload everything because of hacking?

theres so much about how to prevent variouse threats malware etc but when your so badly hacked you cant download anything that workable or left genuine, you cant get through to varing security business that can help you cause its tampered your phone, you cant access email accounts.

there is really no real help out there for extreme hacking/stalking at all most people cant even tell you the difference between an ip and a router there is so much ignorance. the big global innovators are taking full advantage of public ignorance and are simply not implementing support infrastrucures for the technologies they are so proud off
 
sam borrego

sam borrego

New Member
Aug 30, 2017
2
but what do you do when your physical life of hand and eye have the ability to see and upload everything because of hacking?

theres so much about how to prevent variouse threats malware etc but when your so badly hacked you cant download anything that workable or left genuine, you cant get through to varing security business that can help you cause its tampered your phone, you cant access email accounts.

there is really no real help out there for extreme hacking/stalking at all most people cant even tell you the difference between an ip and a router there is so much ignorance. the big global innovators are taking full advantage of public ignorance and are simply not implementing support infrastrucures for the technologies they are so proud off
 
  • Like
Reactions: NikolayfromRussia
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • Wow
A.I. News University Builds Robot-Designing AI, Churns Out Designs in Seconds
Replies
0
Views
380
Technology News
silversurfer
silversurfer
upnorth
    • Like
    • +Reputation
    • Hundred Points
Hot Take Bolster UEFI Cybersecurity Now
Replies
1
Views
821
General Security Discussions
Sandbox Breaker
Sandbox Breaker
upnorth
    • Like
Cybercrime Hack-for-Hire Groups Present a Potent Threat
Replies
0
Views
980
Malware Analysis
upnorth
upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top