By 2018, there could be 1.3 million robots in factories globally. That's 1.3 million machines at risk of being hacked.
From baristas to pizza chefs, automation is quickly taking over the economy, expected to kill off 6 percent of all US jobs by 2021. Factories that make your phones, cars and planes already depend primarily on machines to automatically put together devices.
Humans can't keep up with a robot's pace, strength and durability, but at least they've got machines beat on cybersecurity. A series of tests conducted by Politecnico di Milano and cybersecurity firm Trend Micro found that factory robots have weak network security. Some systems used simple usernames and passwords that couldn't be changed, while others didn't even need a password.
The firm looked at robots from ABB, Fanuc, Mitsubishi, Kawasaki and Yaskawa. The industrial machines also have poor software protection, and some run on outdated software, according to the firm's research paper. The team found tens of thousands of robots using IP addresses that are public, which increases the risk of hackers getting easy access.
Operators and programmers can manage their machines remotely, sending commands to robots through their computers or phones. If the connection is insecure, hackers could hijack the machines, leading to sabotage and product defects.
The researchers tested a robot from ABB, which was programmed to draw a straight line. By reverse-engineering the RobotWare control program and the RobotStudio software, the researchers hacked the machine's network and switched it to draw a line that 2 millimeters off. You can watch it here:
Machines are programmed to be extremely precise in their movements, because the slightest miscalculation can cause catastrophic defects. ABB has since fixed the flaws in its machine's software, but Trend Micro's findings raise concerns more generally for automation in the future. The firm recommends companies set up industrial robot cybersecurity standards before automation takes over every factory.
Download SafeUM — communicate privately, without advertising and spam.
