安全專家表示,世界上最著名的一些機器人存在監(jiān)聽它們的用戶、泄露商業(yè)機密,甚至被控制、被用于實施身體攻擊的風險。這些專家們警告,機器人很容易遭到網(wǎng)絡攻擊。
IOActive, a cyber security company, tested 50 robots — including SoftBank Robotics’ childlike Pepper robot and Rethink Robotics’ industrial Baxter robot — and discovered weaknesses that would allow a hacker to manipulate arms and legs and take over microphones and cameras.
網(wǎng)絡安全公司IOActive測試了50臺機器人,包括軟銀機器人(SoftBank Robotics)生產(chǎn)的孩子模樣的Pepper,以及Rethink Robotics的工業(yè)機器人Baxter,結(jié)果發(fā)現(xiàn)了一些缺陷,黑客可以利用這些缺陷來操縱機器人的手臂和腿,或者控制麥克風和攝像頭。
As more robots replace humans in jobs from construction sites to hospitals, with Pepper already being used in stores and homes and Baxter deployed on assembly lines , the impact of a potential cyber attack increases. Spending on robots and related services is set to double to $188bn in 2020, according to data from research firm IDC.
隨著越來越多的機器人在從建筑工地到醫(yī)院的工作崗位上取代人類——Pepper已被用在商店和家庭,Baxter被用在裝配線上——潛在網(wǎng)絡攻擊的影響也將增加。研究公司IDC的數(shù)據(jù)顯示,2020年,機器人及相關(guān)服務方面的支出將比現(xiàn)在翻一番,達1880億美元。
Cesar Cerrudo, chief technology officer for IOActive Labs, which specialises in hunting for flaws in so-called Internet of Things devices, said he was concerned that robots were being connected to the internet with no thought for cyber security.
IOActive LabsIOActive專門致力于尋找物聯(lián)網(wǎng)設備的缺陷,該機構(gòu)的首席技術(shù)官塞薩爾•塞魯多(Cesar Cerrudo)表示,他擔心人們正將機器人接入互聯(lián)網(wǎng)而完全沒有考慮到網(wǎng)絡安全問題。
“Once the robots start to be in every home and many businesses, the motivation to attack them will increase exponentially,” he said. “Since they can move around their surroundings, especially industrial robots, they use a lot of power and can be programmed to do very dangerous movements in real time.”
“一旦機器人開始進入千家萬戶和許多企業(yè),對它們進行攻擊的動機將大為增加,”他說,“由于機器人可以在自己的環(huán)境中到處移動,特別是工業(yè)機器人,它們要使用很多電力,因此可以通過編程讓它們實時地做出非常危險的動作。”
While it found no evidence yet of any cyber attacks on robots, Mr Cerrudo warned that they could be used to cause physical harm or to stall operations.
雖然IOActive尚未發(fā)現(xiàn)機器人遭網(wǎng)絡攻擊的任何證據(jù),但塞魯多警告稱,它們可能被用來造成身體傷害或讓某些活動停止。
He said that if one of the flaws that he discovered was used to infect a robot with ransomware, malicious software that shuts down a computer until its recipient pays a ransom, it could damage operations.
他表示,如果有人利用他這次發(fā)現(xiàn)的某個缺陷,以勒索軟件(一種惡意軟件,可以關(guān)閉計算機,直到被感染者支付贖金)感染一臺機器人,可能導致活動無法正常進行。
“If they start replacing workers with robots, it will be as if someone hacked the company’s employees,” he said. “如果一家公司開始用機器人替換工人,(一旦這些機器人受到黑客攻擊)那就好像這家公司的員工受到了黑客攻擊,”他說。
IOActive, which has informed robot manufacturers of the flaws, also found serious cyber security problems in robots from other companies including Ubtech Robotics, Robotis, Universal Robots and Sartec Corp.
IOActive已把這些缺陷通報給了機器人生產(chǎn)商。該公司也在優(yōu)必選科技(UBTech Robotics)、Robotis、優(yōu)傲機器人(Universal Robots)和Sartec Corp等公司出品的機器人身上發(fā)現(xiàn)了嚴重的網(wǎng)絡安全問題。
Universal Robots said it was aware of IOActive’s report and was “investigating the potential vulnerability described and potential countermeasures”.
優(yōu)傲機器人公司表示,它已了解到IOActive的報告,并且“正在調(diào)查報告中描述的潛在薄弱環(huán)節(jié),并研究潛在對策”。
Rethink Robotics said it had already addressed some of the issues highlighted by IOActive.
Rethink Robotics公司表示,它已解決了IOActive指出的一些問題。