Story image

Security experts demonstrate that ransomware attacks on robots are possible

13 Mar 18

Researchers at security firm IOActive managed to conduct what might be the world’s first ransomware attack on robots last week – a method that if used in the wild could disrupt the booming robotics market.

The robotics spending market is expected to reach $230.7 billion by 2021 according to IDC, and robots already play a significant part in the industrial manufacturing, automotive and other industries.

IOActive researchers Cesar Cerrudo and Lucas Apa say that ransomware was typically about targeting information in exchange for money in the past, but as the interaction between robots and humans evolve the attack scenarios will also evolve.

“It’s no secret that ransomware attacks have become a preferred method for cybercriminals to get monetary profit by encrypting victim information and requiring a ransom to get the information back,” comments Apa.

The team decided to conduct a proof-of-concept ransomware attack on the commercially-available Petter and NAO robots, both of which use the same operating system and are developed by SoftBank Robotics. The company has sold more than 30,000 robots to date.

They injected custom code into behaviour file classes, which altered the robots’ behaviours to be malicious.

“Possible malicious behavior on an infected robot includes complete interruptions in service, pornographic content on the robot display, the use of curse words, even doing violent movements. The infected robot could also be an entryway into other internal networks at a business, offering backdoor access to hackers and an entry point for layer penetration to steal sensitive data.”

Apa says the results were ‘astonishing’.

“Ransomware attacks could be used against business owners to interrupt their businesses and coerce them into paying ransom to recover their valuable assets. The robots could also malfunction which may take weeks to return them to operational status. Unfortunately, every second a robot is non-operational, businesses and factories are losing lots of money.”

IOActive informed Softbank of its findings in January 2017, however they are not aware of any fix for the problem.

Last year the research duo found approximately 50 vulnerabilities in robots from various vendors. Attackers could potentially use the vulnerabilities to spy via the robot’s microphone and camera, leak data or cause serious harm.

“Even though our proof of concept ransomware impacted SoftBank’s NAO and Pepper robots, the same attack could be possible on almost any vulnerable robot," Apa says.

"Robot vendors should improve security as well as the restore and update mechanisms of their robots to minimise the ransomware threat. If robot vendors don’t act quickly, ransomware attacks on robots could cripple businesses worldwide,” Apa concludes.

McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Forcepoint and Chillisoft - “a powerful combination”
Following Chillisoft’s portfolio expansion by signing on Forcepoint, the companies’ execs explain how this is a match made in cybersecurity heaven.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.