Industrial robots can, in some cases, replace humans in large-scale production and manufacturing activities due to their increased efficiency, accuracy and safety. In particular, industrial robots are increasingly used to assemble cars; assemble aircraft engines as well as drill and paint airframes in the aviation industry; and even package food.
There is, however, growing concern that cyber attacks could allow a hacker to seize control of these robots. With that in mind, a group of cybersecurity experts started examining the attack surface of today’s industrial robot architectures and implementations, looking for weaknesses and vulnerabilities cyber attackers could exploit. In “Rogue Robots: Testing the Limits of an Industrial Robot’s Security,” the Forward-looking Threat Research (FTR) team from cybersecurity company Trend Micro and collaborators from the Politecnico di Milano (POLIMI) technical university in Italy explain that cyber hacking industrial robots is indeed a distinct possibility. What’s more, they warn that many robots in factories and distribution centers are vulnerable to cyber attacks, which could harm companies, products and even people.
In the paper, the researchers explain they found that the software running on industrial robots is outdated; is based on vulnerable OSs and libraries, sometimes relying on obsolete or cryptographic libraries; and has weak authentication systems with default, unchangeable credentials. Additionally, the Trend Micro FTR Team found tens of thousands of industrial devices residing on public IP addresses, which could include exposed industrial robots, further increasing risks that an attacker can access and compromise them.
The paper identifies five potential kinds of attacks:
- The hacker alters a robot’s control system so it moves unexpectedly or inaccurately. This could result in defective or modified products.
- The hacker tampers with a robot’s calibration to make it move unexpectedly or inaccurately at the attacker’s will. This also could result in defective or modified products.
- The hacker manipulates a robot’s production logic to introduce defects into the work piece.
- The hacker manipulates a robot’s status information so the operator is not aware of the machine’s true status. This could result in operator injuries if, for example, the operator believes that the robot has been turned off and is safe to approach when it is still active.
- The hacker manipulates a robot directly so the operator loses control and possibly gets injured.
Such attacks could pose a wide variety of risks with numerous consequences for manufacturers. Trend Micro has created a video showing an example of a cyberattack and explaining the implications. The video shows how a hacker could cause a robot to introduce a small, imperceptible defect that could cause the product to malfunction. This could lead to expensive returns and a reputation-damaging recall process. Hackers could also demand a ransom to reveal which product lots have been damaged. Furthermore, cyber criminals could hack robots to gain access to sensitive information or company secrets, such as source code or information about production schedules and volumes.
To guard against the risk of such threats, the researchers suggest companies strive to ensure they perform all available software updates. Often, they note, factories will skip these updates rather than lose production time while the robots are taken offline. Companies should also work with robot vendors to identify potential threats and improve security, the authors write.
What are your thoughts about the possibility of industrial robots coming under cyber attack? Does your company use robots in production operations? If so, do you think the robots are vulnerable to attack?