Hacked robots could be used to kill people, poison pets and help thieves rob homes, experts reveal

Criminals could exploit a number of existing flaws to gain control of machines in houses and workplaces

Aatif Sulleyman
Thursday 02 March 2017 12:50 GMT
Comments
'Once a home robot is hacked, it’s no longer the family’s robot, it’s essentially the attacker’s'
'Once a home robot is hacked, it’s no longer the family’s robot, it’s essentially the attacker’s' (Getty/iStock)

Your support helps us to tell the story

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Louise Thomas

Editor

Researchers have discovered a number of security vulnerabilities in existing robots, which they say can be used by criminals to cause serious harm to their owners.

IOActive tested robot operating systems and other software in order to identify nearly 50 flaws in robots from vendors including SoftBank Robotics, UBTECH Robotics, ROBOTIS, Universal Robots, Rethink Robotics, and Asratec Corp.

Insecure communications, authentication issues, weak cryptography, memory corruption and privacy problems were just some of the issues named by the firm’s senior security consultant Lucas Apa.

The research paper says that criminals could exploit the flaws to gain control of robots in homes and workplaces, using them to spy on people and cause physical damage.

“Compromised robots could even hurt family members and pets with sudden, unexpected movements, since hacked robots can bypass safety protections that limit movements,” it says. “Hacked robots could start fires in a kitchen by tampering with electricity, or potentially poison family members and pets by mixing toxic substances in with food or drinks.

“Family members and pets could be in further peril if a hacked robot was able to grab and manipulate sharp objects.”

It adds that robots integrated with smart home automation systems could also assist burglars by deactivating alarms and locks. Even if they aren’t integrated, however, hackers could still use them to issue instructions to voice assistants, such as Alexa and Siri.

“A hacked, inoperable robot could be a lost investment to its owner, as tools are not yet readily available to ‘clean’ malware from a hacked robot,” it adds. “Once a home robot is hacked, it’s no longer the family’s robot, it’s essentially the attacker’s.”

IOActive say it has alerted all of the vendors named above, and will only release specific details of the vulnerabilities once they’ve had enough time to fix them.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in