Your Smart Robot Is Coming in Five Years, But It Might Get Hacked and Kill You

However, it's the cars you really have to worry about.

|
Jul 25 2016, 1:30pm

Photo: Xavier Caré/Wikimedia Commons

A new report commissioned by the Department of Homeland Security forecasts that autonomous artificially intelligent robots are just five to 10 years away from hitting the mainstream—but there's a catch.

The new breed of smart robots will be eminently hackable. To the point that they might be re-programmed to kill you.

The study, published in April, attempted to assess which emerging technology trends are most likely to go mainstream, while simultaneously posing serious "cybersecurity" problems.

The good news is that the near future is going to see some rapid, revolutionary changes that could dramatically enhance our lives. The bad news is that the technologies pitched to "become successful and transformative" in the next decade or so are extremely vulnerable to all sorts of back-door, front-door, and side-door compromises.

The report, "2016 Emerging Technology Domains Risk Survey," was conducted by the Software Engineering Institute at Carnegie Mellon University, a federally-funded institute backed by the Pentagon. The report was actually completed in late 2015, but was cleared for public release three months ago.

The technologies predicted to "go really big" include augmented reality, smart medical devices, the connected home, commercial drones, and lots of car stuff: self-driving cars, web-connected cars, and cars that talk to each other.

Your (potential killer) smart robot

One of the most exciting developments is in artificially intelligent robots.

"Smart robots, or autonomous machines, are independent, self-correcting, and learning machines," says the report.

The smart robot revolution is coming as early as 2021, the report says. And it will automate all sorts of things, like "warehouse retrieval and storage," mixing and dosage of drugs, and transportation of items within a hospital, warehouse or other facility.

Apart from replacing human jobs, the problem is that smart robots might get hacked and kill people.

The report says that robots could be hacked "through networked back-end servers" or "through the robot itself"—because it's networked.

"… the potential for human harm and damage is very high, and the possible risks and vulnerabilities are not well understood."

"A compromised robot could cause destruction of property or death or injury of human workers," concludes the report.

There's scope to limit the risk through better hardware and safety programming, but the "lack of detail" on exactly how to do this means "the possibility of physical or economic harm cannot be ruled out."

Many other promising technologies have the same problem: They're brilliant, but dangerous.

Your augmented reality device might get hacked and lie to you

Augmented reality (AR)—which uses real-time imagery and other inputs to enhance or alter your perceptions of physical reality—(think Google Glass or Pokémon Go) is growing rapidly for use in "military, medical and infrastructure applications."

In the next five years, the combined market for virtual and augmented reality technology "could grow to $150 billion," according to the report, and AR will account for 80 percent of this.

There's not a direct safety risk here, but if "mission-critical" uses of AR, like in navigation systems, gets compromised, this is a "potentially high-risk event."

The report mentions how in 2013, researchers were able to hack Google Glass using malicious QR codes. When Google Glass took pictures of the codes, they forced the device to connect to hacker-controlled wireless access points.

Your connected home might get hacked and, well, do crazy shit

The fully "connected home"—based on the increasing centralized automation of home devices (from fridges to light bulbs) with Wi-Fi and computers—has technologically arrived, but not hit the mainstream.

However, it's only five to 10 years away from mainstream adoption, the researchers predict. By 2019, the report estimates, there will be 1.8 billion connected homes. That's nearly a third of the human population.

Fortunately, the report doesn't express too much concern about the consequences of cybersecurity risks here, but it points out the obvious: "The connected home is inherently vulnerable to attacks due to its reliance on a single defense—the home router."

The various connected devices will also have their own respective vulnerabilities.

The report mentions that home automation systems already available on the market have proven "vulnerabilities" with, for instance, "garage door openers, smart sensors platforms, and voice-controlled virtual assistants."

So you can imagine the havoc when some asshole hacks your home virtual assistant which then decides to open and close the garage door repeatedly while fucking with the light bulbs.

You probably won't own a 3D printer anyway, but it can't be hacked to kill you

There'll be 5.6 million 3D printers in use by 2019, according to the report—a massive boost from today's 244,533.

But despite "the potential to disrupt current manufacturing processes," 3D printers "will not be broadly adopted by home users in the near future."

Thankfully, for the most part, there are few risks related to hacking 3D printers.

Your hospital's smart medical device might get hacked and overdose you

This is a great opening to a sci-fi murder mystery set in the year 2236—except that smart medical devices are being used today in many hospitals and clinics worldwide.

Smart medical devices link to the human body and are usually networked-connected to enhance inpatient and outpatient treatment.

This sector "has a high likelihood of success" as more medical facilities are purchasing such devices, the report says, but with more such devices plugged into the net, "patient data and information will be increasingly vulnerable."

That's not all: "Even more concerning is the risk of remote compromise of a device directly connected to a patient. An attacker could theoretically increase or decrease dosages, send electrical signals to a patient, or disable vital sign monitoring."

So far, there haven't been any real-world efforts to hack such systems. But that could change as these devices become more widely available.

Your amazing autonomous car WILL arrive, but it's a complete fucking nuisance

Before you get overexcited, the report says that fully self-driving cars are such a safety-risk headache, we still don't know when precisely they'll shift from the research lab to the highway.

The connected car is perhaps the biggest security headache of all. So many connections, so many advances, and so many wide-open cybersecurity loopholes.

"Level 2" automation or "Combined Function Automation," where two key driver control functions are simultaneously automated, is likely "about 5-10 years away," the report says.

Level 3—"Limited Self-Driving Automation"—has already been incorporated into Tesla's Model S, says the report, and other degrees of autonomy are being prepared for 2017.

The hottest market for autonomous vehicles isn't for on-road driving, however. Instead, it's in "mobile robotic systems" that can be used for mining or manufacturing.

Yet the security risks are huge. On the one hand, the report authors are excited by potential "massive safety benefits, transformation of lifestyle, and likely adoption" of driverless cars—they "will become an incredibly important technology." You read that right. They WILL.

But a sentence later, the report admits:

"… the potential for human harm and damage is very high, and the possible risks and vulnerabilities are not well understood."

Cars with the most basic levels of autonomy can already be easily compromised. So imagine what hackers could do with driverless, connected cars that speak to each other and share information.

The report cites examples where attackers have remotely accessed "vehicle dashboard controls and displays;" exploited core driver functions causing "a vehicle to brake or turn;" and even taken over full control of the car.

This large landscape of "unknown unknowns" is the biggest obstacle to mainstream adoption.

Welcome to the smart-dumb future

The verdict is unavoidable. For better or worse, we're on the verge of a sweeping technological revolution that will permanently change the way we live: from our homes, to our work; from our cars, to our hospitals; including even the way we see the world.

But those changes are coming with costs, and the most obvious costs could be to our garage doors, light bulbs, cars, and of course, last but not least, our lives.

So when your personal smart robot assistant thing comes knocking, watch your step… (and update your firmware, idiot).

At least, we can take comfort in the fact that when the Singularity arrives and our Robot Overlords take over completely, we can most definitely fight back: with hacking.

The Hacks We Can't See is Motherboard's theme week dedicated to the future of security and the hacks no one's talking about. Follow along here.