March 13, 2018 by

Robots are Now Vulnerable to Ransomware Attacks

Security researchers have put the spotlight on malware affecting humanoid robots with the first proof-of-concept ever hack to showcase a ransomware attack on robots.

Ransomware attacks targeting robots are becoming an increasing risk, researchers from IOActive have detailed, pointing to at least 50 vulnerabilities discovered in a number of well-known enterprise robot models. Attackers could manipulate these flaws to spy on the robot’s microphone and camera, leak data and even cause serious physical harm, researchers wrote.

Robots are already a part of modern day homes, businesses, educational centers and businesses as toys, companions, healthcare attendants or customer assistants. That trend is only set to increase.

Through the course of their research, the security experts determined that most modern robots only handle data that is captured, retrieved, processed and transmitted to be stored in other storage endpoints. Sensitive in-transit information like high-def video fed, audio recording captured by 2 to 4 directional microphones or payment information is not always persistent on a robot’s internal storage. As a result, this in-transmit information is ripe for attack.

Researchers wrote:

Instead of encrypting data, an attacker could target key robot software components to make the robot non-operational until the ransom is paid.

Robots, unlike computers, don’t store large amounts of valuable information that a user would like to retrieve. However, if a robot gets infected with ransomware, it’s almost impossible for the user to restore it to default by themselves, unlike a computer.

Instead, a robot user might be tempted to pay the ransom compared to the alternative of waiting for a technician to arrive and fix the robot or worse, losing the robot for weeks together if it needs to be returned to the manufacturer.

 “If it’s one robot then it could take less time, but if there are dozens or more, every second they aren’t working, the business is losing money. Keeping this in mind, shipping lots of robots takes a lot of time, so the financial impact is bigger when you have a computer compromised with ransomware,” Cesar Cerrudo, CTO at the security firm told ZDNet.

Image credit: Pexels.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Free Decryption Tool Brings Respite to Victims of Aggressive Ransomware

A new and unusual family of ransomware has met its match after a ransomware tool backed by Europol...

Read more arrow_forward

Ransomware is ‘Modern-Day Extortion’, Says McAfee CEO

The chief executive of cybersecurity firm McAfee has labelled ransomware as the modern day answer to...

Read more arrow_forward

US Hospital Coughs Up $55,000 to Hackers after Ransomware Attack

A ransomware attack targeting a hospital in Greenfield, Indiana, has seen hackers make away with...

Read more arrow_forward