Dr. Pero Mićić
We have recently reported a lot about humanoid robots and their potential. Some of our clients have bought robots for testing purposes. The small G1 from Unitree is probably the most frequently purchased model because it was practically the only one available for little money.
A team of European IT security experts has examined this small humanoid robot G1 from Unitree very closely for cyber security. The result is worrying. The robot can be hacked relatively easily or controlled by its manufacturer. It can serve as an attack vector, i.e. as a tool for espionage and cyber-physical attacks.
It is worth noting that the G1 is more secure than the average robot in use. Many robots have no encryption at all. So it’s not just about this little Chinese robot, which is still more of a toy than a productivity tool.
Dangers
The researchers present several scenarios of how the robot can become a passive and active attack vector.
- Robots as spies
- The robot monitors everything around it. It can record photos, videos and conversations, map rooms and track people.
- It demonstrably sends this data to two servers in China every five minutes without anyone noticing. The gates for industrial espionage are wide open. Anyone who has bought the Unitree G1 privately must, in the worst case, expect their private life to be documented on servers in China.
- Robots as an IT attack platform
- The robot scans the IT system of the household, company or power plant in which it is used.
- It can find vulnerabilities in the cloud and software system, manipulate data and infiltrate malicious code.
- Robots as a physical attack tool
- The relatively weak hard-coded and therefore static encryption is the same for all (!) examples of the robot. If hackers gain access to one of the robots, they have the entire fleet under control.
- According to the results of the investigation, hackers can infiltrate commands. This allows them to remotely control the robot with full root rights. The robot can also carry out physical attacks against people and property.
Backgrounds
- It remains to be seen whether the vulnerabilities were created deliberately or accepted, for example on the instructions of Chinese authorities. This would indicate a permanent security arms race. In extreme cases, this could lead to a ban on Chinese robots. How the industrial robots manufactured in Germany by the Chinese-owned Kuka will be dealt with is still unclear.
- It is also possible that the problems are due to the prototype status of the G1 and that later models will pose fewer or no security risks. The research team has reported its findings to Unitree. We will see how Unitree responds.
Recommendations
- Technology is always an opportunity and a risk. Not using AI and robotics is not a viable option. AI systems that can identify and eliminate vulnerabilities and threats are the most promising solution for adequate security.
- It is right to test humanoid robots at an early stage. After all, we see a high probability that robots and their use will become the largest market in the world. However, the tests must be configured in such an isolated way that the safety of the tester is not compromised, even if the robots send their data to China.
- Search intensively for reports on the robots used. Fortunately, there are many teams of security experts who publish their intensive tests. As in this case.
The highly technical report is available for download here: Cybersecurity AI: Humanoid Robots as Attack Vectors
