Mike Gennert, a professor and director of the Robotics Engineering Program at Worcester Polytechnic Institute, in Worcester, Mass., said unsecured robots are the result of IT departments having to work with a new technology.
“It’s a whole other level of complexity in our systems,” Gennert said. “In the past, when you had a robot on a factory floor, it wasn’t part of a network that the outside world could view. There was a limited ability for malicious actors to connect with your robot. Now all these devices are on the internet and they’re all exposed.”
That means that companies will need to make sure there are IT managers, or even C-level executives, who can oversee robotics, making sure the technology is supporting the company’s business strategy while also making sure the machines are secure.
One challenge for companies will be to find people who have experience in both robotics and security. “There will be a few folks, but it will be a hot market because not many students study both robotics and security,” Gennert said. “Those that do both will be able to write their own ticket.”
Until companies can effectively combine robotics with security, robots may be an easy entryway for a hacker into a company's networks.
Nunnikhoven said there’s no direct evidence that hackers have taken advantage of these exploits. There aren’t proper monitoring systems in place to know if the systems have been exploited, he said.
Malicious hackers could get into a robot's controller system and make adjustments to its actions, which could create a dangerous situation in the factory or could enable the robots to build unsafe products on the production line.
Hackers also could gain access to the programming used to make the company's products, or they could use the robot as a jumping off point to hack into other enterprise systems. Companies could fall victim to ransomware or sabotage.
"This is dangerous in several ways," said Olds. "The first is pretty obvious -- a hacker gets control of a robot and uses it to destroy company products or to hurt a human operator."
How the research was done
"We looked at cybersecurity [because the robots] are being connected to larger networks and the internet itself," he said. "During our research, the team found more than 83,000 of these robots exposed to the internet."
Sign up for CIO Asia eNewsletters.