by Bharat Mistry
Did you know that by 2018, around 1.3 million industrial robots will be set to work in factories around the world? It’s an industry estimated to be worth $32 billion by next year, helping to power a fourth industrial revolution built on smart factories and automated processes. Yet as these robots become increasingly important in a range of industries, they’ll inevitably begin to pique the interest of cybercriminals and nation-state hackers. The question is, just how exposed are they to cybersecurity threats, and what can be done about it?
That’s what Trend Micro set out to answer for the first time in a ground-breaking new report: Demonstrating Industrial Robot Attacks in Today’s Smart Factories. Its findings confirm Trend Micro as a leader in industrial IoT security, a message we’ll be taking to the Infosecurity Europe show in June.
Bots are everywhere
Industrial robots are used today to help manufacture everything from aircraft to food packaging, silicon chips to paper. Although they might appear little more than disembodied mechanical “arms”, their automation of repetitive processes is vital to a growing sweep of industries. The problem is, a large percentage of such systems are running outdated software, have poor on-board security, and are connected to the public-facing internet: a recipe for disaster.
Our research found over 83,000 industrial robots were exposed to the internet – 5,000 of which had no authentication measures in place at all. We also found 65 known and new vulnerabilities affecting such systems. A hacker could hardly wish for more, and there are ample motives for launching cyber attacks on such systems:
- Production alteration/sabotage: exploiting remote control of a robot to inject faults into the end product or action
- Ransomware attacks: an attacker introduces serious defects into the production cycle and then requests a ransom to reveal which products have been affected
- Physical damage: designed to damage a robot’s parts or cause injuries to those working close by
- Production line process interference: hacking of robotic arms to cause erratic or disruptive behavior
- Sensitive data theft: where the robot provides attackers with an unguarded entry point into the corporate network
The good news is that there are various things that can be done to mitigate the threats facing industrial robotic systems. However, given the nature of these threats, it will require attention from a wide range of industry stakeholders. Yes, identification and patching of software vulnerabilities is of course an important element. But so is system hardening via hardware support and design changes. Manufacturers should also be working towards a more secure software development life cycle to prevent bugs from creeping into systems in the first place.
Fortunately, Trend Micro has long anticipated the industrial IoT as one of the next major targets for hackers, as we did in our 2017 predictions report, The Next Tier. As a result, we offer some of the best defence around against attacks on such systems, for example through our TippingPoint next generation intrusion prevention system (NGIPS) technology and Deep Discovery Inspector.
Away from the purely technical, the report also identifies a need for industry to revisit standards. Current industrial robot standards emphasise safety requirements, but these need to evolve to incorporate a greater focus on cybersecurity if we’re to move forward.
In the end, this report is just a start. But by demonstrating a real-world attack against an industrial robot and highlighting the wide range of threats that exist in these environments, we hope it will stimulate industry stakeholders to improve cybersecurity across the board – and in so doing safeguard the future of Industry 4.0.
Industrial IoT threats are also set to be a major talking point at this year’s Infosecurity Europe show, where Trend Micro will once again have a major presence, sharing our expertise on the conference floor and in several presentations to attendees.