The entire corpus of science fiction has trained humanity to fear the day when helpful household and industrial robots turn against it, in a Skynet-style uprising. But a much more near-term threat lurks in the age of automation: not that anthropomorphic gadgets will develop minds of their own, but that a very human hacker will take control of them.
At the Hack in the Box security conference later this week in Singapore, Argentinian security researchers Lucas Apa and Cesar Cerrudo plan to demonstrate hacker attacks they developed against three popular robots: the humanoid domestic robots known as the Alpha2 and NAO, as well as a larger, industrial-focused robotic arm sold by Universal Robots. The duo plan to show—and have captured in videos like the one above—that they can hack those machines to either change critical safety settings or, in the case of the two smaller bots, send them whatever commands they choose, turning them into surveillance devices that silently transmit audio and video to a remote spy.
“They can move, they can hear, they can see,” says Cesar Cerrudo, the chief technology officer of IOActive, where both of the researchers work. Those features could soon make robots at least as tempting a target for spies and saboteurs as traditional computers or smartphones, he argues. “If you hack one of these things, the threat is bigger.”
In terms of actual, physical danger, the most serious of the three attacks Cerrudo and Apa developed affects Universal Robots’ “collaborative” robots. These multi-jointed arms extend as far as four feet, can lift up to 22 pounds, and are work in industrial settings alongside humans. The two researchers found that the robots’ software had no real authentication, and implemented only easily-cracked integrity checks meant to prevent a hacker from installing malicious updates. A live video demo shows that they could use a common security vulnerability called a “buffer overflow” to gain unauthorized access to the robot arm’s operating system, and overwrite the “safety.conf” file that constrains the robot’s movements with limits on its speed, the force it applies, and how it reacts when its infrared sensors detect someone nearby.
That could not only cause the robot to damage itself by overextending or overstressing its arm, but could also harm human workers within reach, they warn. “These robots have the force to cause actual bone fractures,” Apa says. “Safety protections are the ultimate way they can avoid hurting the people around them. If they’re hacked, the consequences could be catastrophic.”
The other two robots that the IOActive researchers focused on were smaller, friendlier “companion” robots meant for entertainment, education, and Amazon Echo-like voice interaction. Beyond merely editing a single file, as they did with the Universal Robots arm, they showed they could install software on both of the humanoid robots to fully control them.
They found that the Alpha2, sold by the Chinese company UBTech, ran a version of Google’s Android operating system that doesn’t use code-signing, a security measure that prevents the installation of rogue software. The Alpha2 also didn’t encrypt its connections, allowing man-in-the-middle attacks that attackers could use to inject malicious apps. The NAO robot, sold by the Japanese firm Softbank, had similar vulnerabilities; the IOActive researchers say the bot’s code was initially intended to be a development version, but was pushed to market prematurely by Softbank and the French startup Aldebaran that created NAO, which it acquired in 2013.
In one video below, the researchers demonstrate one Chucky-style extreme of what surreptitious control of an Alpha2 might entail.
Privacy invasion presents a more realistic worry. Both domestic robots contain mobile cameras and microphones whose data a spy could not only intercept, but manipulate and move at will around a target’s house. In the video below, the researchers hijack a NAO robot’s commands to see through its cameras and control where they’re facing direction.
The researchers’ hacking demonstrations expand on a broader security analysis of robots they first revealed in March of this year. That earlier study found more than 50 hackable security vulnerabilities in robots and robotics software sold by companies that also included Rethink Robots, Robotis, and Arsatec. At the time, the researchers obscured which vulnerabilities they had found in which robots to give their manufacturers a chance to fix the flaws. They also only physically obtained the three they’re demonstrating their attacks on; the rest relied on firmware analysis.
In statements to WIRED, both UBTech and Softbank downplayed the researchers’ findings. A UBTech spokesperson wrote in a statement that “all relevant concerns have been fully addressed by UBTECH,” and a Softbank spokesperson wrote that “We believe that there are no problems to worry about, ” so long as users set a strong password for the robot and the Wi-Fi network to which it’s connected. But Apa and Cerrudo counter that they’ve monitored updates for both robots and haven’t seen one that fixes either device’s security issues, which they say also don’t necessarily depend on the user setting a weak or default password for their robot or Wi-Fi. A Universal Robots spokesperson said in a statement that “while our products meet their specifications and stated standards, we’ve been made aware of the report and we monitor closely the potential vulnerability described and potential countermeasures.”
Earlier this year, another team of researchers from Italy’s Politecnico Milano showed that they could take over an even larger, potentially more dangerous industrial robot arm, the 220-pound ABB IRB140. Apa and Cerrudo also point out that the vulnerable firmware of the NAO robot they analyzed is also used in the Pepper robot, a larger humanoid bot sold by Softbank and used as a household and retail bot, even acting as a point-of-sale device in stores.
So forget science fiction. Robots already present all too real vulnerabilities that hackers will soon have plenty of incentive to abuse. “In a couple of years, these robots will be very tied into family life and business,” says Cerrudo. “When they get hacked, there will be serious consequences.”