Trend Micro got that number by running searches for about two weeks on Shodan, ZoomEye and Censys, search services that index data from internet-wide scans, looking for things like web cams, routers, servers and devices on the internet of things.
They then zeroed in on the industrial routers and robots that responded to their queries.
If the industrial robots responded, that meant they were not only connected to the internet but they were exposed. If secured, the robots wouldn’t be directly accessible from an unauthenticated random IP address querying them.
The robots’ responses also gave researchers the software version they were running, along with their manufacturer.
The study found industrial robots from five different vendors -- like ABB Robotics, FANUC FTP, Yaskawa, Kawasaki E Controller and Mitsubishi FTP -- and 12 of their brands of industrial robots. More than 80,000 of them are working in factories around the world.
Nunnikhoven said it’s unclear how many companies are operating these robots, but more than 10,000 of the machines are running in the U.S. The three countries with the highest number of exposed industrial robots were the U.S., followed by Australia and Japan.
“It reflects the U.S. take on manufacturing,” said Nunnikhoven. “There’s a resurgence in trying to get smarter factories, and smarter factories would tend to have more industrial robots in play.”
According to the study, of the more than 83,000 exposed industrial robots, 59 had known vulnerabilities and more than 5,100 had no authentication.
So why would a company link an industrial robot working on a manufacturing line to the internet? Company IT managers might want internet access to robots so they could remotely adjust the robot's programming or check the status of their factory lines.
“There is some logic to it, but a lot of warning flags too,” Nunnikhoven said. “People tend to look at the positive and the possibilities, and they don’t look at the risks. They say, ‘Hey, we can query from one central location or get status from manufacturing lines in real time, even though we’re manufacturing from the other side of the planet.’ This exposes you to significant risks.”
Nunnikhoven said the researchers worked in isolation -- as opposed to on a robot operating on a live factory floor. He said the researchers were able to hack into an industrial robot used for welding that had been set up like many typically are in factory situations. Once they had hacked in, the researchers were able to alter the robot’s configuration so it was no longer welding in a straight line.
“The robot has to be extremely precise,” Nunnikhoven explained. “Say, a [robotic] arm is doing a weld on a car line. It has to be very accurate to ensure the car chassis is strong enough to withstand impact and meet safety regulations. If they add a curve in [the weld], that’s a defect and that could be catastrophic when that car hits the road.”