Watch Researchers Hack an Industrial Robot and Sabotage Production

Share this…

There is an insane amount of industrial robots connected to the Internet, and even worse, thousands are left with no form of user authentication whatsoever, open to attack from anyone skilled enough to know how to sabotage their mode of operation.

This is the sad conclusion of a new report published today by security researchers from US cyber security firm Trend Micro, who found more than 83,000 industrial robots exposed on the Internet, among which 5,000 had no authentication requirements.

If this wasn’t bad enough, researchers also found 65 vulnerabilities affecting these robots, some of which allowed attackers to bypass authentication systems, and alter core robot settings and their mode of operation.

Map showing volume of exposed industrial routers
Map showing volume of exposed industrial robots and routers [Source: Trend Micro]

These figures only included robots directly available online. Researchers also pointed out that many of these robots are indirectly accessible after compromising industrial routers, usually found in high-end factories, where these robots are deployed.

Industrial robots could be leveraged for all types of attacks

The consequences of these attacks are usually catastrophic. In their report, the Trend Micro team fleshes out a few scenarios of what could go wrong after a cyber-attack on an industrial robot:

Sabotage by altering or introducing defects in products.
Ransomware-type schemes by altering products, contacting the manufacturer, and asking for a ransom to reveal which lots were affected.
Physically damaging products, the production line, injuring operators or damaging the robots themselves.
Stealing data from the robot’s internal storage, such as source code, production parameters, or other intellectual property.

To prove how easy is to cause damage to a company, Trend Micro researchers hacked an industrial robot in a test environment, and slightly altered one parameter, changing how the robot moves.

While this seems trivial and unimportant, this has been done before, last year, when researchers altered a 3D printer that printed a defective drone rotor, which later broke in mid-flight, crashing the drone.

Trend Micro’s report, put together with help from the Politecnico di Milano University, aims to raise the alarm over the large number of unsecured industrial robots. This warning also comes as more and more companies are deploying industrial robots to replace their workforce.

Companies that fail to secure their robots could soon be initiating product callbacks after hackers, or their competition, sabotage their production. While the callback themselves are expensive, companies could suffer more from reputational damage, from which they might never recover.

For its part, Trend Micro says it already reached out to the manufacturers of industrial robots in which they found vulnerabilities. ABB, the vendor whose robot was hacked during the video above, has already started working on a patch to prevent similar real-world attacks.

Earlier this year, IOActive published a similar report regarding the security features in industrial robots. In February, Rapid7 found various security flaws in a popular brand of industrial robots.

But industrial robots and routers aren’t the only key equipment in factories across the world that can be hacked. Similar reports showed that an attacker could attack 3D printers and classic printers with the same results, allowing him to influence a company’s internal operations and alter the production mechanism in various ways.