There are a lot of conspiracy theories about robots taking over our jobs or killing the humanity. In fact, famous physicist Professor Stephan Hawking agrees with researchers who claim AI robots will leave humanity ‘‘Utterly Defenceless.’’ Now, researchers at IOActive, a cyber security company has revealed that [Pdf] programs which “bring them (robots) to life” carry critical vulnerabilities which can be used by threat actors for negative purposes.

The development of artificial intelligence (AI) robots is on the rise. Last year, IBM developed Ross – World’s first AI lawyer and plans are to license it for being utilized in domains like bankruptcy, restructuring and creditors’ rights team. The US government also wants to put robots in the military and weaponize them with artificial intelligence. That being said, the cyber criminals are also keeping an eye on the situation and exploiting existing vulnerabilities in the infrastructure of robots can turn the table for all the wrong reasons.

More: Artificial Intelligence Robot claims it will destroy human race

IOActive’s researchers tested models from a number of vendors including SoftBank Robotics’s NAO and Pepper robots, UBTECH Robotics’s Alpha 1S and Alpha 2 robots, ROBOTIS’s ROBOTIS OP2 and THORMANG3 robots, Universal Robots’s UR3, UR5, UR10 robots’ Rethink Robotics’s Baxter and Sawyer robots, Asratec Corp’s robots using the affected V-Sido technology.

Among their findings, the researchers discovered authentication issues, insecure communication system, weak cryptography, privacy flaws, weak default configuration, vulnerabilities in open source robot frameworks and libraries.

Damages that can be caused by a hacked robot:

The research further revealed that after exploiting above mentioned vulnerabilities attackers could use a hacked robot to spy on people, homes, offices and even cause physical damage. This makes a perfect scenario for government-backed spying groups to keep an eye on military and strategic places once and if the target country is using robots in its military or sensitive installations.

It a nutshell, the research covers every aspect of life where robots can be used in the future and cause massive damage including homes, military and law enforcement, healthcare, industrial infrastructure, and businesses.

“Compromised robots could even hurt family members and pets with sudden, unexpected movements since hacked robots can bypass safety protections that limit movements,” says the research. “Hacked robots could start fires in a kitchen by tampering with electricity, or potentially poison family members and pets by mixing toxic substances in with food or drinks.

“Family members and pets could be in further peril if a hacked robot were able to grab and manipulate sharp objects,” it adds.

Another dangerous aspect discovered in this research is that thieves and burglars can also hack Internet-connected home robots and direct them to open doors. Even if robots are not integrated, they could still interact with voice assistants, such as Alexa or Siri, which integrate with home automation and alarm systems.

“A hacked, inoperable robot could be a lost investment to its owner, as tools are not yet readily available to ‘clean’ malware from a hacked robot,” it adds. “Once a home robot is hacked, it’s no longer the family’s robot; it’s essentially the attacker’s.”

Previous cases of damages done by robots:

Last year, a 5-foot-tall and 300-pound Knightscope security robot at the Stanford Shopping Center, California knocked down a 16-month-old boy and ran him over. Last year again, a humanoid-looking robot in Russia fled after figuring out that the engineers forgot to shut the gates and blocked the traffic. In 2015, a technician at the Germany-based Volkswagen production plant was killed by a robot however in that case investigators blamed human error rather than a robot behind the killing of the technician.

More: Researcher Finds Backdoor in NASA’s Curiosity Rover Operating System

At the time of publishing this article, researchers at IOActive had only released limited information about the vulnerabilities since it will take a while for manufacturers to fix the problems highlighted by researchers.

Source: IOActive [Pdf]


DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.