Even though a lot of advancements have been made in the world of robotics as of late, there are some critical issues that we need to overcome. A new report by IOActive shows how robots suffer from a wide range of cyber vulnerabilities. We have identified a few pressing concerns in this regard.
6. Insecure Communication
Any robot will need to maintain a certain level of communication at any given time. Especially when put together in a work environment, communication is of the utmost importance. However, it appears that most robots use insecure methods of communication. Internet and Bluetooth communications don’t occur over properly encrypted protocols in a most cases. Some robots even connect to the Internet without any protection, exposing sensitive data to anyone looking for it.
5. Privacy Issues
It is not entirely surprising to find out that robot ecosystems are not that great at keeping sensitive information private. Both personal and financial data may inadvertently be shared between the robot and third parties. Some robots’ mobile apps send private information to remote servers without the user consenting to doing so. In fact, the user is never asked if this should happen in the first place. Not a positive development by any means.
4. Weak Default Configuration
Although this has been said many times, different configurations for any type of device are a major security flaw. Robots are not different in this regard. Some of the machines’ features can be accessed through software services within the robot itself. However, their default configuration allows anyone to access them, rather than just authorized users. Moreover, the end user should password protect these features, which is not done by default either.
3. Missing Authorization
Functions of any robot should only be accessible by the primary user. Sadly, that is anything but the case, as a lot of robotic solutions do not implement proper authentication. Even critical functions, such as installing new applications and updating the robot’s firmware, are not always subject to specific authorization implementations. Attackers can bypass these security features to install rogue software in these robots and even exert full control over the machine. A very disturbing development, that much is certain.
2. Vulnerable Open Source Robot Frameworks
One of the biggest threats to robotics is how their open source frameworks are vulnerable to cyber attacks. The Robot Operating System – a framework for writing robot software – for example, has a multitude of security problems. Its flaws range from cleartext communication to weak authorization. Most of these issues are found in the majority of products created by robotics manufacturers. With researchers and enthusiasts using similar tools and software, a lot of cybersecurity flaws are found in different software packages. Commercialization of these tools is more important than addressing security concerns, by the look of things.
1. Cryptographic Flaws
The biggest concerns a lot of robots face right now is their lack of proper cryptographic standards. Without cryptography, it becomes very difficult to protect data, including encryption keys, personal information, and vendor service credentials. Additionally, receiving software updates required proper cryptographic standards to ensure the data is not compromised. Very few commercial robots available right now use any secure form of cryptography, which is a problem that needs to be addressed sooner rather than later.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
