Hacked robots could be used to kill people, poison pets and help thieves rob homes, experts reveal
Criminals could exploit a number of existing flaws to gain control of machines in houses and workplaces
Your support helps us to tell the story
As your White House correspondent, I ask the tough questions and seek the answers that matter.
Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.
Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election
Andrew Feinberg
White House Correspondent
Researchers have discovered a number of security vulnerabilities in existing robots, which they say can be used by criminals to cause serious harm to their owners.
IOActive tested robot operating systems and other software in order to identify nearly 50 flaws in robots from vendors including SoftBank Robotics, UBTECH Robotics, ROBOTIS, Universal Robots, Rethink Robotics, and Asratec Corp.
Insecure communications, authentication issues, weak cryptography, memory corruption and privacy problems were just some of the issues named by the firm’s senior security consultant Lucas Apa.
The research paper says that criminals could exploit the flaws to gain control of robots in homes and workplaces, using them to spy on people and cause physical damage.
“Compromised robots could even hurt family members and pets with sudden, unexpected movements, since hacked robots can bypass safety protections that limit movements,” it says. “Hacked robots could start fires in a kitchen by tampering with electricity, or potentially poison family members and pets by mixing toxic substances in with food or drinks.
“Family members and pets could be in further peril if a hacked robot was able to grab and manipulate sharp objects.”
It adds that robots integrated with smart home automation systems could also assist burglars by deactivating alarms and locks. Even if they aren’t integrated, however, hackers could still use them to issue instructions to voice assistants, such as Alexa and Siri.
“A hacked, inoperable robot could be a lost investment to its owner, as tools are not yet readily available to ‘clean’ malware from a hacked robot,” it adds. “Once a home robot is hacked, it’s no longer the family’s robot, it’s essentially the attacker’s.”
IOActive say it has alerted all of the vendors named above, and will only release specific details of the vulnerabilities once they’ve had enough time to fix them.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments