Vulnerability in Robots Can Lead To Costly Ransomware Attacks

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,320
CANCUN, Mexico – A vulnerability in Softbank Robotics’ NAO and Pepper robots can lead to costly ransomware attacks that could cause robots deployed in businesses to stop working, curse at customers, or even perform violent movements.

The vulnerability was disclosed at Kaspersky Lab’s Security Analyst Summit by IOActive Labs. The security firm said that Softbank was notified of the vulnerability January 2017, but they aren’t aware of any available patches.

Lucas Apa and Cesar Cerrudo, researchers with IOActive Labs, told Threatpost that the vulnerability can open opportunities for ransomware attacks targeting sensitive in-transit information collected on the robot, like high-definition video feed, audio captured by up to four directional microphones, and payment or other business information running on the robots. Another critical ransomware target is downtime in robots – many businesses lose money every second one of their robots is nonoperational.

“It stands to reason, then, that service and/or production disruption is another strategy for attackers. Instead of encrypting data, an attacker could target key robot software components to make the robot non-operational until the ransom is paid,” according to an IOActive Labs whitepaper on the vulnerability, released at SAS on Friday.

The NAO and Pepper robots, priced around $10,000, are some of the most widely used research and education robots in the world, with 20,000 Pepper robots deployed in 2,000 businesses worldwide, and 10,000 NAO robots in use globally. These robots are used by an array of businesses, in the education, retail and industrial space – such as Sprint, which has started to use Pepper robots to assist customers at its U.S.-based retail stores.
..
..
..
..
 
  • Like
Reactions: harlan4096

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top