Ransomware for robots, the next security threat

Share this…

Researchers found they were able to infect robots with ransomware; in the real world such attacks could be highly damaging to businesses if robotic security isn’t addressed. According to information security training experts in the future we have to face robots that stop working unless a ransom is paid.

Researchers at security company IOActive have shown how they managed to hack the NAO robot made by Softbank and infect one with custom-built ransomware. The researchers said the same attack would work on the Pepper robot too.

robot

After the infection, the robot is shown insulting its audience and demanding to be ‘fed’ Bitcoin cryptocurrency in order to restore systems back to normal. Maybe a tiny robot making threats might initially seem amusing, but a little creepy, the proof-of-concept attack demonstrates the risks associated with a lack of security in robots and how organizations which employ robots could suddenly see parts of their business grind to a halt should they become a victim of ransomware.

“The attack can come from a computer or other device that is connected to internet, so a computer gets hacked and from there the robot can be hacked since it’s in the same network as the hacked computer,” an information security training professional said, “In order to get a business owner to pay a ransom to a hacker, you could make robots stop working. And because the robots are directly tied to production and services, when they stop working they’ll cause a financial problem for the owner, losing money every second they’re not working”.

The researchers said it was possible for an attacker with access to the Wi-Fi network the robot is running on to inject malicious code into the machine. Taking what was learned in previous studies into the security vulnerabilities of robots, information security training researchers were able to inject and run code in Pepper and NAO robots and take complete control of the system, giving them the option to shut the robot down or modify its actions.

The difference between robots and computers is that robots don’t yet store vast amounts of valuable information that the user might be willing to pay a ransom to retrieve. But as companies often don’t have backups to restore systems from, if a robot becomes infected with ransomware, it’s almost impossible for the user to restore it to normal by themselves.

If the alternative for a victim of robot ransomware is waiting for a technician to come to fix the robot (or even losing access it to weeks if it needs to be returned to the manufacture) a business owner might view giving into the ransom demand as a lesser evil.

“If its one robot then it could take less time, but if there are dozens or more, every second, the business is losing money. Keeping this in mind, shipping lots of robots takes a lot of time, so the financial impact is bigger when you have a computer compromised with ransomware,” an information security training specialist said.

While the robot ransomware infections have been done for the purposes of research – and presented at the 2018 Kaspersky Security Analyst Summit in Cancun, Mexico, information security experts warn that if security in robotics isn’t properly addressed now, there could be big risks in the near future. The solution to this issue is for robotics manufacturers to think about cyber security at every step of the manufacturing process from day one, an information security training consultant said.

A Softbank spokesperson told “We will continue to improve our security measures on Pepper, so we can counter any risks we may face”.