• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Business   »   Industrial Robots are Hackable: How Do We Fix Them?

Industrial Robots are Hackable: How Do We Fix Them?

  • Posted on:May 3, 2017
  • Posted in:Business, Critical Infrastructure, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0

Discuss cyber attacks involving robots and many people might think you’re talking about the latest Hollywood blockbuster to hit the screens. The reality, however, is that industrial robotic systems now form a vital cog in the manufacturing process of everything from silicon chips to cars and even glassware.

A new Trend Micro report, Rogue Robots: Testing the Limits of an Industrial Robot’s Security, demonstrates for the first time how robots can be compromised, and suggests a way forward to a more secure future for the Fourth Industrial Revolution. This research was done through the collaboration of our Forward-Looking Threat Research team and researchers from the Politecnico di Milano in Italy.

 

Industry 4.0 under attack

Robots are everywhere. Estimates suggest there will be 1.3 million of them in factories globally by 2018, carrying out a range of tasks in a wide variety of industries – everything from welding and packaging to food processing and die-casting. We need these systems to support Industry 4.0, a new wave of innovation based around automation and smart factories, which could transform society in a way similar to the very first steam engines in the late 18th century.

The problem, as revealed in the report, is that as these systems get smarter and more interconnected, their attack surface has grown. Web services allow external software or devices to “speak” with their robot controller via HTTP requests, while new APIs allow humans to control robots through smartphone apps. Even robot app stores have begun to spring up.

This is compounded by outdated software powering many systems, based on vulnerable operating systems and libraries like Linux 2.6. They sometimes rely on obsolete or broken cryptographic libraries, and feature poor authentication with default, unchangeable credentials.

Some industrial robots are even reachable directly from the public internet to allow for remote monitoring and maintenance. According to Trend Micro’s research, the US leads the world in having the largest volume of machines exposed to the internet in this way. Some even provide unrestricted access using anonymous credentials.

As if that weren’t enough, robot systems are also increasingly designed for close interaction with humans. While the reasons behind this are obvious, it does raise the prospect of causing physical harm to robot operators if interfered with.

A case study

The report includes a case study demonstrating exactly how an attack on a typical industrial robot (the ABB IRB140) could be achieved. We even include a video showing a real robot being attacked.

Here are just some of the security issues we found:

  • Unsecured Network and Command Injection
  • Weak Authentication
  • Naïve Cryptography
  • Memory Corruption
  • Missing Code Signing
  • Poor Runtime Isolation

By combining these vulnerabilities, we show how an attacker can implement 5 robot-specific attacks, ranging from violating safety requirements up to stealthily manipulating the manufacturing goods.

What does this mean?

Robots form an increasingly critical element of our manufacturing industries. That makes them a potential target for both financially motivated cybercriminal gangs and nation states looking to disrupt operations. The report details various threat scenarios, ranging from physical damage and sabotage to ransomware and even exfiltration of sensitive data from the factory network.

So what’s to be done? As we discuss, the answer lies in a holistic effort requiring input from all stakeholders, including cybersecurity standards makers, software developers, vendors, and network defenders. This goes way beyond merely improving the quality of embedded software, which means it could be a long road. But we hope that research like this will help to kick start that process and develop a more secure Industry 4.0.

Related posts:

  1. This Week in Security News: Robots Running the Industrial World Are Open to Cyber Attacks and Industrial Protocol Translation Gone Wrong
  2. Securing Smart Manufacturing
  3. How the Industry 4.0 Era Will Change the Cybersecurity Landscape
  4. Securing the Connected Industrial World with Trend Micro

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Trend Micro Asks Students How Their Relationship to the Internet Has Changed During COVID-19
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.