Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 7 July, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The biggest security problems with robotics

by The Gurus
May 5, 2017
in Editor's News
Share on FacebookShare on Twitter

Robotic devices and automation platforms — which are similar in many ways — seem to be exploding in the IoT market, and for good reason. The idea behind these systems is to automate or carry out basic tasks so we have more time to do the important stuff.
But a new study from authors at IOActive, reveals that robots are just like many other technologies that exist today — they are not inherently secure and present a lot of risks. The paper that presents this info is called Hacking Robots Before Skynet and comes from Cesar Cerrudo, the CTO at IOActive, and Lucas Apa, Senior Security Consultant for the same company.
Cerrudo and Apa present several reasons why this innovative and growing technology may be dangerous in terms of security, privacy and stability. They explain how robot technology is insecure — as is anything connected to the internet — and that lack of security could pose risks.
Since forecasts show global spending on robotics and similar technology will approach $188 billion by 2020, it’s time to start talking about these things.
What Are the Major Security Problems in Robotics?
You can read more about it in Cerrudo and Apa’s report, but below you’ll find the primary reasons why modern robotics are insecure. They rely on insecure wireless connections, don’t follow proper privacy and security protocols, employ poor user authentication measures and lack strict security policies for their default configurations.
Keep in mind, fixing all these points is crucial to building stronger security. Security and privacy are not to be taken lightly, and these problems present sizable vulnerabilities. And that’s unfortunate because there are lots of things we’d rather let robots do — like vacuum.
Robotic smart vacuums can roam around the home on a schedule and clean. They vacuum dirt, dust and nasties so you don’t have to spend your weekends lugging around a machine or sweeping. If you do have to clean at the end of the week, there’s a lot less to do thanks to your little robotic buddy.
This is just from the consumer side of things and only looks at a single type of device, but it’s an example of something seemingly innocuous that represents a real security risk. Corporations have thousands of robotic options, from the enterprise and corporate world to industrial setups. Amazon even uses robots in their shipping and packaging warehouses.
An insecure robot with access to millions of addresses — and their preferred spending habits — could be a hacker’s dream. Such risks don’t even factor in security risks from external sources, like employees. Regardless of intent, it’s entirely possible for your workforce to cause security breaches.
Their personal devices can be a liability for an internal network. Even unsanctioned activities and usage on company devices and systems can pose major security risks. Making sure employees have the proper training in security and technology is crucial to the safety of your business.
Perhaps even more important is fixing the following security issues in robotics and autonomy systems.

  1. Insecure Connections

Most robotic devices or IoT devices rely on Bluetooth and Wi-Fi wireless protocols to access the internet and interface with other tech. While these connection methods are perhaps not the most secure, the problem isn’t the technology itself. The problem is how data is being transmitted.
Most data is being sent as clear, unhindered content, and, when it’s encrypted, the methods used are poor. Poor encryption methods mean anyone who gets access to the data has all the information they need to carry out attacks or cause harm.

  1. Privacy Falls by the Wayside

As most platforms do, robotic and IoT devices report data remotely to various servers and company systems, sometimes even without user consent or permission. In some cases, data collection and reporting is necessary, while in others it is not. Permission doesn’t necessarily matter. The real problem is that sensitive data is not just being transmitted, it’s also at risk.
The data at risk could include mobile network and device details, user trends or patterns, current GPS data, tracked stats and much more. If a hacker gains access to the data being transmitted, they could cause a lot of harm, but most of the users would be none the wiser as to what’s happening, at least until the company involved announces the finer details.

  1. User Authentication Is Not Strict

It doesn’t matter what a robotic unit is doing, only authorized users should be able to deliver commands and control it. You don’t want an outsider tapping into your system wreaking havoc. Often, there are no authentication measures employed — users don’t even have to login or prove their identity to interface with these devices.
In the few cases where an authentication system is used, it’s easy to bypass. The last thing you need is your robot vacuum being hacked and used as a spy tool when a built-in camera and sensors were meant to help it avoid obstacles, not output a live feed. It just goes to show that even something as simple as a robot vacuum needs proper security and privacy measures.

  1. Default Configuration Security Is Lacking

When you get a new modem or router, there is a user-based administrative account, and then there is a higher-level service account. Most consumers don’t even know about the service account or have the information to access it — even if it’s readily available.
Because it’s a high-level account with unfettered access to the system, most companies adhere to strict security policies to ensure someone who isn’t supposed to can’t gain access. Robots and IoT devices are not securely protected by such measures. The default configuration, settings, passwords and accounts are super easy to access even by guessing.
Imagine what kind of damage a stranger could do to a platform or system after gaining unhindered, administrative access?
Enhance Security for Robots
Robots are a part of our lives today — whether it’s because we ordered a gift for Mother’s Day from Amazon and had it shipped to her directly or that we own a bot ourselves to help with the cleaning. And, no matter how we use them or how inconsequential it seems, we need to ensure proper measures have been put in place to avoid a security breach.

Tags: CyberIoTroboticssecurityTechnology
ShareTweet
Previous Post

GDPR – Get ready for it!

Next Post

Positive Technologies discovers vulnerability in ATM security software

Recent News

pentesting

Pentesting is dead. Long live pentesting.

July 3, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

The industries being reimagined by AI

July 2, 2026
geopolitical cyber report

Iran-linked MuddyWater espionage campaign targets organisations across four continents

July 1, 2026
Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

July 1, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol