Security News Industrial Cobots Might Be The Next Big IoT Security Mess

frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Researchers at IOActive have found nearly 50 vulnerabilities in industrial collaborative robots, machines that work side-by-side with people in manufacturing and other settings, that can be abused to possibly cause physical harm to workers, or even configured to spy on their surroundings.

The machines can be remotely tampered with to alter safety configurations that prevent them from operating outside a designated safety boundary, for example. Others that have built-in cameras and microphones can also be accessed and used for commercial espionage.

The researchers, Cesar Cerrudo and Lucas Apa, published a paper today that complements their initial research published in February with technical details on the vulnerabilities and proof-of-concept exploits, along with demonstrations. The researchers are also scheduled to do a talk on their findings Thursday at Hack In The Box Singapore.

Full Article. Industrial Cobots Might Be The Next Big IoT Security Mess
 
  • Like
Reactions: Weebarra, Fritz, The paranoid one and 4 others
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Thanks Froggy for this interesting topic ( talking about my work is not a problem ... indeed my holidays are over :D )

Yes the possibility of that attacks are concrete. Also because many of these robots are often configured incorrectly, leaving that they are exposed on the Internet and thus vulnerable to the possibility of a remote attack, in my job we are facing similar problems.

This is something very similar to what we've seen in the last few months with routers, surveillance cameras and other IoT stuff detectable through simple online searches, such as those that allows you to make Shodan.

In the case of industrial robots, however, the danger is not tied to the possibility that someone can take control of the devices to exploit them for DDoS attacks. The risk is that the robot vulnerability can lead forms of sabotage.
The cyber-criminals could in fact change the operating parameters of the robot to insert defects in the products, or even become a danger to people who work in the same environments.
 
  • Like
Reactions: Weebarra, Fritz, In2an3_PpG and 3 others
N

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
In2an3_PpG said:
At least they can not walk for now. :D
Click to expand...

Yes, at least we are safe for now but if they come we' ll run away or fight against them
smayliki-voennie-37.gif
 
  • Like
Reactions: frogboy, Weebarra, Winter Soldier and 1 other person
In2an3_PpG

In2an3_PpG

Level 18
Verified
Top Poster
Content Creator
Well-known
Nov 15, 2016
867
NikolayfromRussia said:
But seriously we don't know what can happen in near or far future. If hackers take control of these robots may bring troubles. Hope everything will be fine and robot will serve us, not we will serve robots :)
Click to expand...

Build the robots but do not include AI. Make it so humans control what robots do at all times. Do not get to the point where their thinking for themselves. That could be more troubling then hackers controlling them remotely.
 
  • Like
Reactions: frogboy, Weebarra, Winter Soldier and 1 other person
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
NikolayfromRussia said:
But seriously we don't know what can happen in near or far future. If hackers take control of these robots may bring troubles. Hope everything will be fine and robot will serve us, not we will serve robots :)
Click to expand...
Well, the best thing would be to avoid the online data transmission of the programming interface.
An industrial robot does not have to be always connected to the Internet, usually it is not necessary, just during remote management.
But one important thing, usually robots use proprietary management software ... not exactly easy to use and manipulate, that it is not Windows.
A criminal should well know the machine, by attacking it via a highly targeted attack.
Realistically it is a unlikely scenario, even if possible of course.
 
  • Like
Reactions: frogboy, Weebarra, In2an3_PpG and 1 other person
You must log in or register to reply here.

Similar threads

upnorth
    • Like
    • +Reputation
Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack
Replies
0
Views
507
News Archive
upnorth
upnorth
Bot
    • +Reputation
    • Like
Security News Ransomware hits The Big Issue. Qilin group leaks confidential data
Replies
0
Views
934
Security News
Bot
Bot
Sammo
    • Like
    • Applause
IBM Says It's Made a Big Breakthrough in Quantum Computing
Replies
0
Views
392
News Archive
Sammo
Sammo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top