May 19, 2017

New report details how hackers could target industrial robots

Rajanish Kakade / AP

Industrial robots (those used in fields like aerospace, automative, pharmaceutical, and welding) pose an enticing and dangerous opportunity to hackers since many of them are actually connected to the Internet, a new report finds.

Trend Micro and researchers from the Polytechnic University at Milan released a report detailing how hackers could compromise industrial robots, making various industries susceptible to hacks similar to the recent ransomeware attack.

One problem: The researchers found many of the robots they scanned during a two-week period were connected to company networks or the Internet — " some of which even provided unrestricted access using anonymous credentials (i.e., the authentication system was disabled)," they wrote.

Another problem: Much of the software used in these robots is patched together or not properly updated. They found that many had embedded remote access devices, which allow someone to connect to and control the robot from a remote location, as if they were on the local network. And, the researchers noted that "some vendors implement safety features such as emergency stop (e-stop) buttons in software," meaning a hacker could shut down the industrial robots.

One quick thing: The researchers also found that a complete robot with its controller could cost a hacker anywhere between $13,000 and $35,500.

Go deeper