Why robot ransomware could cripple your business

Security researchers were able to deliver ransomware to Pepper and NAO robots, halting business functions and even causing physical harm to human employees.

2018's top ransomware target: IoT
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Security researchers from IOActive exploited vulnerabilities in the Pepper and NAO robots that allowed them to use ransomware to halt their work, display inappropriate content or language to customers, or perform violent movements during work
  • Robotics manufacturers must build cybersecurity into their products from the beginning to protect against ransomware and other attacks.

Phishing emails aren't the only vector for ransomware attacks to hit your business: Ransomware for robots is an increasing risk, as these devices can be exploited and locked to the detriment of business operations, according to research from IOActive, detailed in Friday blog post.

Ransomware attacks--in which hackers deliver malware typically via spear phishing emails that locks up valuable data assets, and demands payment to release them--have boomed in recent years, and that trend is only expected to increase in 2018.

Last year, IOActive uncovered about 50 vulnerabilities in in many well-known enterprise robot models. They found that attackers could exploit these flaws to spy via the robot's microphone and camera, leak data, or even cause physical harm.

SEE: Cybersecurity spotlight: The ransomware battle (Tech Pro Research)

In this new post, IOActive researchers found that they could exploit an undocumented function that allows remote command execution on both the Pepper and NAO robots--two of the most used in businesses, research, and education worldwide. With these robots, and others that perform similar functions, cybercriminals could use ransomware to halt their work, display inappropriate content or language to customers, or perform violent movements during work, the researchers found.

The proof-of-concept attack offers a glimpse of the risks associated with a lack of security in robots, as noted by our sister site ZDNet, and the potential impact that using a cyberattack to halt a robot's work could have on a business.

Further, most robots are difficult to reset after a malfunction or attack, the researchers noted: Robot repair usually requires shipping it back to the vendor or a technician and waiting several weeks, as well as paying the costs.

"Our research demonstrates that ransomware for robots is a real threat with potentially huge economic implications for businesses - even more than regular ransomware," the post noted. "Regular ransomware can be easily removed and data recovered with an available backup. On the other hand, robot ransomware can't be easily removed, the robots require specially trained technicians to repair problems, and non-operational downtime leads to lost production and revenue."

These issues with robots could allow cybercriminals to demand higher ransoms than usual, the post noted. And businesses lose money every second that robots stop functioning, through lost revenue, production, and/or repair costs. For many, paying a ransom to get the robots back online could be less expensive than the alternative, the report said.

The solution to ransomware for robotics, as with security vulnerabilities in Internet of Things (IoT) devices, is for manufacturers to build security into every step of the process from the beginning, ZDNet noted.

"If robot vendors don't act quickly, ransomware attacks on robots could cripple businesses worldwide," according to the post.

Also see

Image: IOActive