Skip to Content
Artificial intelligence

Hordes of research robots could be hijacked for fun and sabotage

As more robots are connected to the internet, they will become targets for cybercrime and mischief.
July 24, 2018

Many experimental robots that live in research laboratories around the world may be wide open to hackers.

Researchers at Brown University, led by Stefanie Tellex, scanned the internet for machines running ROS, a popular open-source operating system used on many research robots. Tellex and her team discovered more than a hundred systems vulnerable to being accessed and even manipulated over the internet. Not a huge number—but a warning for the research community, Tellex says.

These systems could present a juicy target for online mischief makers, Tellex says, simply because it would be fun, and cool, to take control of a real live robot. But it isn’t inconceivable that state-sponsored hackers might also go after them, in order to steal data, disrupt research, or cause accidents.

UW’s Robot
Brown University

The issue isn't due to any security flaws or oversights in the design of ROS. Users are simply expected to secure their own systems. But without due care, the situation could get worse in the future. “As robotics becomes more advanced and spread out around the world, it’s important that we make sure these systems are fielded in a secure way,” Tellex says.

The Brown researchers tried taking control of one robot, a machine at the University of Washington, with the permission of its owners. They showed that they could read the robot’s sensors and move it around.

They even found one vulnerable machine in their own lab. This was so that another research group, at MIT, could remotely operate the robot using virtual reality. “But we should’ve taken it offline after we were done,” Tellex says.

Robots have been common at university research labs for decades. These machines are becoming ever more sophisticated, and researchers are exploring many ideas that involve connecting robotic systems over a network, for purposes including tele-operation and allowing one robot to share what it has learned with another system—an approach known as “cloud robotics” (see “Robots that teach each other”).

ROS, which stands for Robotic Operating System, has been a boon to robotics researchers over the past few years. It provides a standard platform for programming different hardware and a growing array of packages that give robots new capabilities. These includes libraries and algorithms for vision, navigation, manipulation, and so on.

Image obtained from the robot’s camera.
Brown University
View from RVIZ showing 3D point cloud and TF tree.
Brown University

ROS has been also been adopted by startups developing novel robotic systems including self-driving cars, warehouse helpers, and delivery bots. Industrial engineers tend to take security a lot more seriously, but internet connectivity inevitably creates new vectors for hackers (see “Botnets of things”).

“When we started work on ROS over 10 years ago, we wanted the system to be as flexible and as easy to use as possible,” says Brian Gerkey, CEO of Open Robotics, the foundation behind ROS. “As the authors of this paper note, users of ROS should take care to secure their ROS systems at the network level.”

Gerkey notes that Open Robotics is currently working on a 2.0 version of the software that will be more secure. The foundation has also announced the creation of a new, security-focused version of the operating system, called SROS (Secure ROS).

Deep Dive

Artificial intelligence

conceptual illustration showing various women's faces being scanned
conceptual illustration showing various women's faces being scanned

A horrifying new AI app swaps women into porn videos with a click

Deepfake researchers have long feared the day this would arrive.

storm front
storm front

DeepMind’s AI predicts almost exactly when and where it’s going to rain

The firm worked with UK weather forecasters to create a model that was better at making short term predictions than existing systems.

People are hiring out their faces to become deepfake-style marketing clones

AI-powered characters based on real people can star in thousands of videos and say anything, in any language.

Tentacle of Octopus
Tentacle of Octopus

What an octopus’s mind can teach us about AI’s ultimate mystery

Machine consciousness has been debated since Turing—and dismissed for being unscientific. Yet it still clouds our thinking about AIs like GPT-3.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.