Monday, July 22, 2024
spot_img

Trend Micro’s Research Report Suggests Ways to Fix Hackable Industrial Robots

spot_img
spot_img
spot_img
- Advertisement -

Trend Micro released its latest report that analyzes how easily an industrial grade robot could be actually ‘hacked’, also demonstrates for the first time how robots can be compromised, and suggests a way forward to a more secure future for the Fourth Industrial Revolution (Industry 4.0). This research was done through the collaboration of Trend Micro’s Forward-looking Threat Research (FTR) team and researchers from the Politecnico di Milano (POLIMI) in Italy.
The research puts the spotlight on the security and vulnerability of industrial robots. The Industry 4.0 revolution calls for industrial robots to increase their complexity and interconnectedness, thus exposing them as part of the attacker surface. As per Trend Micro’s analysis, researchers discovered different ways that make industrial robots vulnerable – from the usage of outdated software and weak authentication, to exposure due to the usage of public IPs, vulnerable OSs and libraries, obsolete or cryptographic libraries; and weak authentication systems with default, unchangeable credentials.
The Trend Micro FTR Team found approximately 83,673 devices exposed to remote attackers, and 5105 devices had no authentication leading to unrestricted access using anonymous credentials. As per Censys, ZoomEye, and Shodan search results, these industrial devices reside on public IP addresses, which could include exposed industrial robots, further increasing risks that an attacker can access and compromise them. According to Trend Micro’s research, the US leads the world in having the largest volume of machines exposed to the internet in this way.
Operating an industrial robot requires several parts working together properly. Industrial robots are expected to perform with a high degree of safety, accuracy, and integrity. Any violation of these operational requirements, if initiated through a digital attack, can allow a cyber-attacker to take control of a robot. In Trend Micro’s comprehensive security analysis, the researchers were able to analyze the impact of system-specific attacks and demonstrate attack scenarios on actual standard industrial robots in a controlled environment of laboratory setting. The demonstration showed how remote attackers can alter or introduce minor defects in the manufactured product, physically damage the robot, steal industry secrets, or injure humans.
“Trend Micro researchers were able to determine five classes of attacks that are possible once an attacker is able to exploit any of the several weaknesses that we found in industrial robot architectures and implementations. The vendors, with whom Trend Micro is working closely, have taken the results very responsibly, showing a positive attitude toward securing the current and future generation of industrial robots. We hope that research like this will help to kick start that process and develop a more secure Industry 4.0,” said Mr. Nilesh Jain, Country Manager (India and SAARC), Trend Micro.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img
spot_img
spot_img