Robo-helpers will soon help themselves to data

Poorly secured robo-helpers will be weaponised by attackers. By Steve Durbin, Managing Director, ISF

Over the coming years, organisations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industrial and consumer markets, creating an increasingly turbulent and unpredictable security environment. The requirement for a flexible approach to security and resilience will be crucial as a hybrid threat environment emerges.

While Rosie the Robot Maid from The Jetsons may have seemed to be the perfect helper, by 2022, the Information Security Forum (ISF) anticipates that a range of robotic devices, developed to perform a growing number of both mundane and complex human tasks, will be deployed in organisations and homes around the world. Friendly-faced, innocently-branded, and loaded with a selection of cameras and sensors, these constantly connected devices will roam freely. Poorly secured robo-helpers will be weaponised by attackers, committing acts of corporate espionage and stealing intellectual property. Attackers will exploit robo-helpers to target the most vulnerable members of society, such as the elderly or sick at home, in care homes or hospitals, resulting in reputational damage for both manufacturers and corporate users.

Organisations will be caught unawares as compromised robo-helpers such as autonomous vacuum cleaners, remote telepresence devices and miniature delivery vehicles roam unattended and unmonitored. The potential for these invasive machines to steal intellectual property and corporate secrets through a range of onboard cameras and sensors will become a significant concern. Organisations developing and using care-bots, a type of robo-helper designed for healthcare, will face significant financial and reputational damage when vulnerable individuals suffer emotional, physical, psychological and financial harm when care-bots are compromised.

This proliferation of robo-helpers into the home, offices, factories and hospitals will provide attackers with a range of opportunities to make financial gains and cause operational damage. Nation states and competitors will target robo-helpers that have access to sensitive areas in order to steal critical information. Organised criminal groups and hackers will also use manipulative techniques to frighten and coerce individuals into sending money or giving up sensitive information.

Imagine this scenario: the building maintenance division of a large pharmaceutical organisation decides to replace its staff at the research and development (R&D) site with a range of outsourced, automated robots. These robo-helpers carry out building maintenance and sanitation operations in place of their human counterparts. Each unit is fitted with cameras and sensors and requires network connectivity in order to operate. Shortly after their deployment, details of an early phase experimental drug trial are leaked to the media.

Are you sure that your robo-helpers are secure?