Security Market Segment LS
Thursday, 04 May 2017 12:14

Rogue robots wreaking havoc

By
Rogue robots wreaking havoc

New research from Trend Micro claims that the plethora of industrial robots poses a real enhanced security threat – not only in subtly sabotaging work processes and products but in the possibility of ransomware attacks and physical harm to humans.

The research puts the spotlight on the security and vulnerability of industrial robots. The Industry 4.0 revolution calls for industrial robots to increase their complexity and interconnectedness exposing them as part of the attacker surface.

In Trend Micro’s analysis, researchers discovered different ways that make industrial robots vulnerable – from the usage of outdated software and weak authentication, to exposure due to the usage of public IPs.

Using the findings, it demonstrated how remote attackers can alter or introduce minor defects in the manufactured product, physically damage the robot, steal industry secrets, or injure humans.
Trend Micro says that due to architectural commonalities of most modern industrial robots, the existence of strict IEEE standards, and common software base, industrial robots are a practical target for hackers. It determined five classes of attacks are possible once an attacker is able to exploit any of the weaknesses found.

These classes include:

  • Altering the controller’s parameter. Attacker alter the control system so the robot moves unexpectedly or inaccurately, at the attacker’s will.
  • Tampering with calibration parameters. The attacker changes the calibration to make the robot move unexpectedly or inaccurately.
  • Tampering with the production logic. The attacker manipulates the program executed by the robot to introduce defects in the workpiece.
  • Altering the user-perceived robot state. The attacker manipulates the status information so the operator is not aware of the true status of the robot.
  • Altering the robot state. The attacker manipulates the true robot status so the operator loses control or can get injured.

While all this sounds a little like Asimov’s i-Robot, Trend Micro was able to exploit all five weaknesses. For example, a robot could be altered to produce faulty goods, and ransom demands follow to identify those robots or goods. Or a robot could even kill someone.

Trend Micro says industrial robot standards must consider cyber security threats the same way ICS and automotive sector standards have evolved to mitigate them. Network defenders must fully understand the unique position that industrial robots have in terms of securing them.

Robots have a very long lifetime, which means vendors must be able to provide security updates to all currently deployed versions, which they may not always be able to do. Furthermore, customers may be worried by downtimes or potential regressions carried by software updates and thus refrain from timely patching their systems.

The technical paper is here.

Read 5751 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




EXL AI IN ACTION VIRTUAL EVENT 20 MARCH 2025

Industry leaders are looking to transform their businesses and achieve measurable outcomes with AI.

As organisations across APAC navigate the complexities of AI adoption, this must-attend event brings together industry leaders, real-world demonstrations, and visionary panel discussions to bridge the gap between proof-of-concepts and enterprise-wide AI implementation.

Learn how to overcome common challenges in deploying AI at scale.​

Unlock cost savings, efficiency, and better customer experiences with AI.

Discover how industry expertise and data intelligence enable practical AI deployment.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Latest from Ray Shaw

Related items

More in this category: « Carbon Black scores gold in NSS Labs’ AEP test Sabre rattled and hacked »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments