"Fending off Cyberattacks on Collaborative Robots"
For operation, productivity, and safety, collaborative robots (cobots) rely on Internet of Things (IoT) devices, telemetry data, software programming, and remote control. There is an opportunity for cyberattacks to use the vulnerabilities of IoT and Industrial IoT (IIoT) devices to gain unauthorized access to cobots. Jim McKenney, practice director of Industrials and Operational Technologies at NCC Group, explains that IoT and IIoT devices connect to cobots via TCP/IP Ethernet to communicate inputs, commands, and data. McKenney emphasizes that IoT devices collect various forms of data from cobots, including performance metrics. He states that the devices and data are vulnerable if they have been misconfigured or the security is inadequate. Hackers can conduct reconnaissance on cobot systems using vulnerable devices. According to Yair Attar, co-founder and CTO of OTORIO, cybercriminals can gather information on the cobot's settings, operating system, and communication protocols to develop special malware capable of installing backdoors, granting remote access to cybercriminals, and more. Cobots are connected devices, forming a subset of IIoT. The fundamental concepts of an attack against them are identical to those of any other network-based attack. In actuality, cobots are not often the primary targets of these attacks. Francis Dinha, co-founder and CEO of OpenVPN, explains that malware can spread laterally to devices on a network, causing widespread damage. Cybercriminals can live off the land with the remote control capabilities that Information Technology (IT) has already deployed with the cobots, such as Secure Shell (SSH). Michael Nizich, director of the Entrepreneurship and Technology Innovation Center and Cyber Defense Education at the New York Institute of Technology, explains that attackers can use cobots' SSH connections for remote access to change uncompiled scripted code or gcode files to reconfigure the cobot to perform incorrectly. This article continues to discuss potential cyberattacks on cobots.
CACM reports "Fending off Cyberattacks on Collaborative Robots"