Hacked robots could be used to kill people, poison pets and help thieves rob homes, experts reveal
Researchers have discovered a number of security vulnerabilities in existing robots, which they say can be used by criminals to cause serious harm to their owners.
IOActive tested robot operating systems and other software in order to identify nearly 50 flaws in robots from vendors including SoftBank Robotics, UBTECH Robotics, ROBOTIS, Universal Robots, Rethink Robotics, and Asratec Corp.
Insecure communications, authentication issues, weak cryptography, memory corruption and privacy problems were just some of the issues named by the firm’s senior security consultant Lucas Apa.The research paper says that criminals could exploit the flaws to gain control of robots in homes and workplaces, using them to spy on people and cause physical damage.
“Compromised robots could even hurt family members and pets with sudden, unexpected movements, since hacked robots can bypass safety protections that limit movements,” it says. “Hacked robots could start fires in a kitchen by tampering with electricity, or potentially poison family members and pets by mixing toxic substances in with food or drinks.
“Family members and pets could be in further peril if a hacked robot was able to grab and manipulate sharp objects.”
It adds that robots integrated with smart home automation systems could also assist burglars by deactivating alarms and locks. Even if they aren’t integrated, however, hackers could still use them to issue instructions to voice assistants, such as Alexa and Siri.
“A hacked, inoperable robot could be a lost investment to its owner, as tools are not yet readily available to ‘clean’ malware from a hacked robot,” it adds. “Once a home robot is hacked, it’s no longer the family’s robot, it’s essentially the attacker’s.”
IOActive say it has alerted all of the vendors named above, and will only release specific details of the vulnerabilities once they’ve had enough time to fix them.