Industrial Robots are Hackable: How Do We Fix Them?

Discuss cyber attacks involving robots and many people might think you’re talking about the latest Hollywood blockbuster to hit the screens. The reality, however, is that industrial robotic systems now form a vital cog in the manufacturing process of everything from silicon chips to cars and even glassware.

A new Trend Micro report, Rogue Robots: Testing the Limits of an Industrial Robot’s Security, demonstrates for the first time how robots can be compromised, and suggests a way forward to a more secure future for the Fourth Industrial Revolution. This research was done through the collaboration of our Forward-Looking Threat Research team and researchers from the Politecnico di Milano in Italy.

Industry 4.0 under attack

Robots are everywhere. Estimates suggest there will be 1.3 million of them in factories globally by 2018, carrying out a range of tasks in a wide variety of industries – everything from welding and packaging to food processing and die-casting. We need these systems to support Industry 4.0, a new wave of innovation based around automation and smart factories, which could transform society in a way similar to the very first steam engines in the late 18th century.

The problem, as Trend Micro reveals in the report, is that as these systems get smarter and more interconnected, their attack surface has grown. Web services allow external software or devices to “speak” with their robot controller via HTTP requests, while new APIs allow humans to control robots through smartphone apps. Even robot app stores have begun to spring up.

This is compounded by outdated software powering many systems, based on vulnerable operating systems and libraries like Linux 2.6. They sometimes rely on obsolete or broken cryptographic libraries, and feature poor authentication with default, unchangeable credentials.

Some industrial robots are even reachable directly from the public internet to allow for remote monitoring and maintenance. According to Trend Micro’s research, the US leads the world in having the largest volume of machines exposed to the internet in this way. Some even provide unrestricted access using anonymous credentials.

As if that weren’t enough, robot systems are also increasingly designed for close interaction with humans. While the reasons behind this are obvious, it does raise the prospect of causing physical harm to robot operators if interfered with.

A case study

The report includes a case study demonstrating exactly how an attack on a typical industrial robot (the ABB IRB140) could be achieved. We even include a video showing a real robot being attacked.

Here are just some of the security issues we found:

  • Unsecured Network and Command Injection
  • Weak Authentication
  • Naïve Cryptography
  • Memory Corruption
  • Missing Code Signing
  • Poor Runtime Isolation

By combining these vulnerabilities, we show how an attacker can implement 5 robot-specific attacks, ranging from violating safety requirements up to stealthily manipulating the manufacturing goods.

What does this mean?

Robots form an increasingly critical element of our manufacturing industries. That makes them a potential target for both financially motivated cybercriminal gangs and nation states looking to disrupt operations. The report details various threat scenarios, ranging from physical damage and sabotage to ransomware and even exfiltration of sensitive data from the factory network.

So what’s to be done? As we discuss, the answer lies in a holistic effort requiring input from all stakeholders, including cybersecurity standards makers, software developers, vendors, and network defenders. This goes way beyond merely improving the quality of embedded software, which means it could be a long road. But we hope that research like this will help to kick start that process and develop a more secure Industry 4.0.

Leave a Reply