Robots and Virtual Terrorism
Daniel Wagner is the founder and CEO of Country Risk Solutions and a widely published author on current affairs and risk management.
Daniel Wagner began his career at AIG in New York and subsequently spent five years as Guarantee Officer for the Asia Region at the World Bank Group's Multilateral Investment Guarantee Agency in Washington, D.C. After then serving as Regional Manager for Political Risks for Southeast Asia and Greater China for AIG in Singapore, Daniel moved to Manila, Philippines where he held several positions - including as Senior Guarantees and Syndications Specialist - for the Asian Development Bank's Office of Co-financing Operations. Prior to forming CRS he was Senior Vice President of Country Risk at GE Energy Financial Services. He also served as senior consultant for the African Development Bank on institutional investment.
Daniel Wagner is the author of seven books: The America-China Divide, China Vision, AI Supremacy, Virtual Terror, Global Risk Agility and Decision Making, Managing Country Risk, and Political Risk Insurance Guide. He has also published more than 700 articles on risk management and current affairs and is a regular contributor to the South China Morning Post, Sunday Guardian, and The National Interest, among many others. (For a full listing of his publications and media interviews please see www.countryrisksolutions.com).
Daniel Wagner holds master's degrees in International Relations from the University of Chicago and in International Management from the Thunderbird School of Global Management in Phoenix. He received his bachelor's degree in Political Science from Richmond College in London.
Daniel Wagner can be reached at: daniel.wagner@countryrisksolutions.com.
Robots can store sensitive information, including encryption keys, user social media, e-mail accounts and vendor service credentials, and send that information to and from mobile applications, Internet services, and computer software. As a result, encryption is mandatory to avoid data compromises, yet most robot manufacturers use the same passwords for most or all of their products, leaving consumers vulnerable to hacking if they fail to change them. Robots also receive remote software updates, so proper encryption is necessary to ensure that these updates are trusted and have not been modified to include malicious software.
A 2017 study found nearly 50 cybersecurity vulnerabilities in robot ecosystem components, many of which were common in home, business, and industrial robots, as well as the control software used by other robots tested. Although the number of robots tested was not a large sample, the fact that dozens of vulnerabilities were uncovered, in such a broad spectrum of robots, is concerning. Most of the robots evaluated were using insecure forms of communications, with mobile and software applications connected to the Internet, Bluetooth, and Wi-Fi without properly securing the communication channel. Although some had weak encryption, most of the others sent data to vendor services or the cloud without any protection.
Most of the robots that have been tested to determine the nature of their security protocols did not require sufficient authorization to protect their functionality, including critical functions such as installation of applications in the robots themselves or updating of their operating system software. This enables cyberattackers to install software without permission and gain full control over them. Most of the robots tested were also either not using encryption at all or improperly using it, exposing sensitive data to potential attackers. Furthermore, many robot manufacturers have generally failed to ensure that either users are instructed to change passwords, or updates are routinely provided when changes in the product security protocols are made.
Certain robot features are common, intended to improve accessibility, usability, interconnection, and reusability (such as real-time remote control with mobile applications). Unfortunately, many of these features make robots more vulnerable from a cybersecurity perspective, with both critical- and high-risk cybersecurity issues present in many of the features. A hacked robot has many of the same vulnerabilities as computers, and can suffer the same consequences.
A hacked robot operating inside a home might spy on a family via the robot’s microphones and cameras. An attacker could also use a robot’s mobility to cause physical damage in or to the house. Compromised robots could even hurt family members and pets with sudden, unexpected movements, since hacked robots can bypass safety protections that limit their movements. Hacked robots could also start fires in a kitchen by tampering with electricity or potentially poison family members and pets by mixing toxic substances with food or drinks, or by utilizing sharp objects to cause harm.
While there are of course nefarious potential connotations to a robotic future, such capability also opens up fantastic possibilities in areas as broad as search and rescue operations, disaster relief, ambulatory services, and oil spill containment. They may, of course, also be used for more nefarious purposes. In 2014 some researchers at Harvard University created the largest robot swarm at that time using 1,024 tiny robots the size of a penny that could find one another and collaborate to assemble themselves into various shaped and designs, like a mechanical flash mob.
Some defense contractors have already developed drones that can fly into enemy territory, collect intelligence, drop bombs, and defend themselves against attack. In the Korean demilitarized zone, South Korea has deployed border control sniper robots that detect intruders with heat and motion sensors, and can automatically fire on targets up to one kilometer away with machine guns and grenade launchers. What if autonomous drones infected with malware decided for themselves to drop bombs or perform kamikaze missions in a stadium filled with people?
Lethal autonomous robots take many forms—they can walk, swim, drive, fly, or simply lie in wait. Our ability to outsource kill decisions to machines is fraught with a panoply of ethical, moral, legal, technical and security implications. As robots continue to proliferate, we are more likely to suffer the consequences of Moore’s law clashing with Murphy’s law. Inaccurate data and software glitches may combine with malware and hardware malfunctions to create an inevitable kill zone where it may be the least desired or expected. All drones and robots are hackable, and it is a question of time until virtual terrorists succeed in turning what would otherwise have been a wondrous technological future into one even more fraught with fear, uncertainty, and peril.
Daniel Wagner is the Founder of Country Risk Solutions(@countryriskmgmt), Managing Director of Risk Cooperative (@RiskCoop),and author of the new book “Virtual Terror”. He can be reached at:daniel.wagner@countryrisksolutions.com.
This article is brought to you by the author who owns the copyright to the text.
Should you want to support the author’s creative work you can use the PayPal “Donate” button below.
Your donation is a transaction between you and the author. The proceeds go directly to the author’s PayPal account in full less PayPal’s commission.
Facts & Arts neither receives information about you, nor of your donation, nor does Facts & Arts receive a commission.
Facts & Arts does not pay the author, nor takes paid by the author, for the posting of the author's material on Facts & Arts. Facts & Arts finances its operations by selling advertising space.