Skip to main content

Home robots can be easily hacked to spy on and attack owners, say researchers

Home robots can be easily hacked to spy on and attack owners, say researchers

Share this story

Gallery Photo: SoftBank's Pepper robot
SoftBank’s Pepper robot was one of those researchers hacked.

It’s going to be a long time before robots are genuinely useful around the house, but when they get there, we’ll need to be sure they’re safe. A cybersecurity firm has proved this with a new report today demonstrating how to hack a number of popular robots — including Pepper, a humanoid greeting bot built by Japanese company SoftBank.

The researchers from Seattle-based IOActive show how the machines can be turned into surveillance devices, sending audio and video of their owners back to the hackers, or how they can be remotely controlled in ways that might harm humans. You can see this demonstrated in the video below, where an Alpha 2 robot (built by China-based UBTech Robotics) attacks a tomato as best it can with a screwdriver.

Now obviously, a bot like Alpha 2 isn’t going to cause much damage to anyone capable of just moving a foot away from it. But home robots like this are only going to get more capable and more powerful as technology progresses. Plus, IOActive also proved that even bigger, industrial robots are not immune to attacks.

As well as hacking Pepper, the Alpha robots, and Nao (another SoftBank creation), the researchers were able to compromise industrial robot arms made by a company called Universal Robotics. These arms are designed to work alongside humans, but the researchers were able to override their safety protocols.

This required the hijackers to have access to the same network as the robot (or to be able to physically tamper with it), but being able to control such a bot could have disastrous effects. As IOActive told Bloomberg, Universal Robotics’ creations are powerful enough that, “even running at low speeds, their force is more than sufficient to cause a skull fracture.”

Reports like this aren’t necessarily technically impressive or that surprising, but they prove that we take the security of many connected devices for granted. Last year, an army of hacked IoT devices — cameras, light bulbs, thermostats — was formed into a botnet and used to take down the internet. Think of the damage an army of actual robots armed with screwdrivers could do instead.