Trend Micro Incorporated released its latest research report ‘Rogue Robots: Testing the Limits of an Industrial Robot’s Security’. The report analyzes how easily an industrial grade robot could be actually ‘hacked’, also demonstrates for the first time how robots can be compromised, and suggests a way forward to a more secure future for the Fourth Industrial Revolution (Industry 4.0). This research was done through the collaboration of Trend Micro’s Forward-looking Threat Research (FTR) team and researchers from the Politecnico di Milano(POLIMI) in Italy.
The research puts the spotlight on the security and vulnerability of industrial robots. The Industry 4.0 revolution calls for industrial robots to increase their complexity and interconnectedness, thus exposing them as part of the attacker surface. As per Trend Micro’s analysis, researchers discovered different ways that make industrial robots vulnerable – from the usage of outdated software and weak authentication, to exposure due to the usage of public IPs, vulnerable OSs and libraries, obsolete or cryptographic libraries; and weak authentication systems with default, unchangeable credentials.
The Trend Micro FTR Team found approximately 83,673 devices exposed to remote attackers, and 5105 devices had no authentication leading to unrestricted access using anonymous credentials. As perCensys, ZoomEye, and Shodan search results, these industrial devices reside on public IP addresses, which could include exposed industrial robots, further increasing risks that an attacker can access and compromise them. According to Trend Micro’s research, the US leads the world in having the largest volume of machines exposed to the internet in this way.
Operating an industrial robot requires several parts working together properly. Industrial robots are expected to perform with a high degree of safety, accuracy, and integrity. Any violation of these operational requirements, if initiated through a digital attack, can allow a cyber-attacker to take control of a robot. In Trend Micro’s comprehensive security analysis, the researchers were able to analyze the impact of system-specific attacks and demonstrate attack scenarios on actual standard industrial robots in a controlled environment of laboratory setting. The demonstration showed how remote attackers can alter or introduce minor defects in the manufactured product, physically damage the robot, steal industry secrets, or injure humans.
“Trend Micro researchers were able to determine five classes of attacks that are possible once an attacker is able to exploit any of the several weaknesses that we found in industrial robot architectures and implementations. The vendors, with whom Trend Micro is working closely, have taken the results very responsibly, showing a positive attitude toward securing the current and future generation of industrial robots. We hope that research like this will help to kick start that process and develop a more secure Industry 4.0,” said Nilesh Jain, Country Manager (India and SAARC), Trend Micro.
The problem, as revealed in the report, is that as these systems get smarter and more interconnected, their attack surface has grown. Web services allow external software or devices to ‘speak’ with their robot controller via HTTP requests, while new APIs allow humans to control robots through smart phone apps. Even robot app stores have begun to spring up. Some industrial robots are even reachable directly from the public internet to allow for remote monitoring and maintenance.
Estimates suggest there will be 1.3 million of them in factories globally by 2018, carrying out a range of tasks in a wide variety of industries – everything from welding and packaging to food processing and die-casting. We need these systems to support Industry 4.0, a new wave of innovation based around automation and smart factories, which could transform society in a way similar to the very first steam engines in the late 18th century.