Rosie the robot can be rooted (hacked) too

Hacking a robot is easy. Researchers discovered more than 50 vulnerabilities in domestic robots used in the home, as toys, companions, assistants and even sex robots.

IOActive outlined in the original research “Hacking Robots Before Skynet” and “Hacking Robots Before Skynet – Technical Appendix”, how attackers could manipulate the flaws found in these robots to spy via the robot’s microphone and camera, leak data, or cause serious physical harm.

Part of the problem comes from fundamental robotic design and the need to interact with the Internet – or is that Skynet?

First, it is relatively easy to find a robot’s hostname as most use multicast DNS to advertise their presence on the network.

DNS is a protocol within the set of standards for how computers exchange data on the Internet and on many private networks, known as the TCP/IP protocol suite. Its basic job is to turn a user-friendly domain name like “iRobot.com” into an Internet Protocol (IP) address like 70.42.251.42 that computers use to identify each other on the network. It’s like your computer’s GPS for the Internet.

Second, because some robot services do not require authentication, any user on the network can issue commands to perform actions or disable safety features. It is no longer a case of “The Butler did it.”

Spending on Consumer robotics will reach US$231 billion in the next three years. One Japanese company, SoftBank Robotics has already sold 30,000 Pepper Bots.

IOActive says while robots handle different types of valuable data, they aren’t commonly used to store it. Sensitive in-transit information includes:

  • High definition video feed
  • Audio captured by 2 to 4 directional microphones
  • Health Diagnostics and markers
  • Voice to text
  • Payment information or other customer and business information

It postured what would happen using robot ransomware to attack this in-transit information.

Possible Robot Ransomware Strategies

  • Interrupt service completely – all robots stop working.
  • Display adult content (porn) to customers, for instance, on Pepper robot’s tablet whenever the robot is on.
  • Curse customers when interacting with them. This impacts differently depending on the country laws or cultural background.
  • Perform violent movements at a random time while working.

Regular ransomware can be easily removed, and data recovered with an available backup.

It is not easy to remove robot ransomware. They require specially trained technicians to repair problems, and non-operational downtime leads to lost production and revenue.

IOActive concluded.

Though our proof of concept ransomware impacted SoftBank’s Pepper and NAO, the same attack is possible on almost any robot. Robot vendors must improve security as well as the restore and update mechanisms of their robots to minimise the ransomware threat. If robot vendors don’t act quickly, ransomware attacks on robots could cripple businesses worldwide.