IT security researchers at Trend Mirco demonstrated [PDF] how factory/industrial robots could be hacked and used for malicious purposes by threat actors – The demonstration centers around the security flaws in Internet of Things (IoT) devices and how they require emergency security implementations.
The robots in question are manufactured by forums like ABB, Kawasaki, Fanuc and Yaskawa. T. The TrendMicro researchers found out that industrial robots from these firms have a vulnerability which allows hackers to make changes in robots altering they way they operate.
It’s a fact that more and more industrial robots are helping companies build cars, ships, airplanes, and smartphones, etc. In such an environment, a slight bit of alteration in how the robot operates can cause trouble if not havoc. For example, researchers were able to configure settings of ABB manufactured industrial robot causing an error in its operation.
According to the researchers:
- By leveraging the remote code execution vulnerability, we modified the control loop configuration files, which are naively obfuscated and thus easily modifiable. In particular, we changed the proportional gain of the first joint’s PID controller, setting it to 50% of its original value. Then we programmed the robot to perform a straight horizontal movement. The trajectory of the end effector projected on the horizontal plane was notably altered. Although the maximum difference between the position under normal conditions and under attack is small (less than 2mm), according to the specific machining that the robot is performing, it can be enough to destroy the workpiece.
Other attacks conducted by the researchers were 1: Altering the Control-Loop Parameters in which an attacker alters the control system so the robot moves unexpectedly or inaccurately, 2: Tampering with Calibration Parameters in which an attacker changes the calibration to make the robot move unexpectedly or inaccurately, 3: Tampering with the Production Logic in which an attacker can manipulate the program executed by the robot to stealthily introduce a flaw into the workpiece, 4: Altering the User-Perceived Robot State an attacker can manipulate the status information so the operator is not aware of the true status of the robot and 5: Altering the Robot State in which an attacker can manipulate the true robot status so the operator loses control or can get injured.
While discussing the threat scenario, the researchers revealed that by exploiting the robots control the researchers were able to inject faults and micro defects into the workpiece. Furthermore, the researchers also noted that there is a slight chance of infecting altered products with ransomware. Moreover, hackers can exploit the vulnerable system to control a robot, damage its parts or even cause injuries to people who work in close collaboration with it, for instance, by disabling or substantially altering safety devices. Also, since these robots are connected to the Internet, hackers can exploit these flaws to steal sensitive data belonging to the factory.
Imagine stealing secrets of an industry working on military or nuclear products.
Good news is that security firms have found some of the vulnerabilities easy to patch however some vulnerabilities occur when the machines are connected to the Internet and may take a while to be fixed. Trend Micro is in touch with these manufacturers and dealing with the situation. Therefore, no further details have been publicly released.
What hackers taking over this industrial robot
This is not the first time when researchers have found critical security flaws in robots. Just a couple of months ago IT security researchers at IOActive discovered that not only hackers could take over robots but also exploit them to kill people, spy on military secrets.
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.