A worldwide scan of labs running the Robot Operating System, a popular research robotics platform, found 100 exposed systems—some virtual, but 19 of them fully operational robots.
“If you’re not behind a firewall, anyone can connect,” says roboticist Stefanie Tellex, who spied through an unsecured robot’s camera, moved it and made it speak (she warned the robot’s human lab partners first).
Tellex is part of a Brown team that identified the weak link in robot cybersecurity during 2017 and 2018. One unsecured robot was in Tellex’s own lab—researchers forgot to lock it down.
“We can think of this in the larger context of the Internet of Things,” says study co-author Rodrigo Fonseca. “Software written without security in mind, coupled with people not thinking about security—that’s a dangerous combination.”