SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Security experts demonstrate that ransomware attacks on robots are possible
Tue, 13th Mar 2018
FYI, this story is more than a year old

Researchers at security firm IOActive managed to conduct what might be the world's first ransomware attack on robots last week – a method that if used in the wild could disrupt the booming robotics market.

The robotics spending market is expected to reach $230.7 billion by 2021 according to IDC, and robots already play a significant part in the industrial manufacturing, automotive and other industries.

IOActive researchers Cesar Cerrudo and Lucas Apa say that ransomware was typically about targeting information in exchange for money in the past, but as the interaction between robots and humans evolve the attack scenarios will also evolve.

“It's no secret that ransomware attacks have become a preferred method for cybercriminals to get monetary profit by encrypting victim information and requiring a ransom to get the information back,” comments Apa.

The team decided to conduct a proof-of-concept ransomware attack on the commercially-available Petter and NAO robots, both of which use the same operating system and are developed by SoftBank Robotics. The company has sold more than 30,000 robots to date.

They injected custom code into behaviour file classes, which altered the robots' behaviours to be malicious.

“Possible malicious behavior on an infected robot includes complete interruptions in service, pornographic content on the robot display, the use of curse words, even doing violent movements. The infected robot could also be an entryway into other internal networks at a business, offering backdoor access to hackers and an entry point for layer penetration to steal sensitive data.

Apa says the results were ‘astonishing'.

“Ransomware attacks could be used against business owners to interrupt their businesses and coerce them into paying ransom to recover their valuable assets. The robots could also malfunction which may take weeks to return them to operational status. Unfortunately, every second a robot is non-operational, businesses and factories are losing lots of money.

IOActive informed Softbank of its findings in January 2017, however they are not aware of any fix for the problem.

Last year the research duo found approximately 50 vulnerabilities in robots from various vendors. Attackers could potentially use the vulnerabilities to spy via the robot's microphone and camera, leak data or cause serious harm.

“Even though our proof of concept ransomware impacted SoftBank's NAO and Pepper robots, the same attack could be possible on almost any vulnerable robot," Apa says.

"Robot vendors should improve security as well as the restore and update mechanisms of their robots to minimise the ransomware threat. If robot vendors don't act quickly, ransomware attacks on robots could cripple businesses worldwide,” Apa concludes.