Outpacing Threats in the Internet of Robotic Things (IoRT)

The idea of autonomous robots has commanded the imagination for decades. As far back as the cartoon The Jetsons from the early 1960s, people have fantasized about interactive robots that could take over repetitive, manual tasks. 

Modern robots may not look exactly as we might have predicted, but they enable organizations to automate repetitive physical tasks, thereby improving productivity. As robots become more intelligent, connecting them to networks enables organizations to gain additional value from their deployments. The Internet of Robotic Things (IoRT) merges the capabilities of robots and Internet of Things (IoT) devices, representing the next step forward for both technologies. Unlike conventional IoT devices, IoRT makes autonomous decisions that can impact the physical world. Meanwhile, unlike conventional robots, IoRT ingests sensitive data that needs protection and creates a new physical security risk for the people working with it. 

As organizations adopt these new technologies, they need to understand what IoRT is, how it enables operations, the potential security risks, and best practices for protecting people and data. 

What is the Internet of Robotic Things (IoRT)?

The Internet of Robotic Things (IoRT) integrates the field of robotics with Internet of Things (IoT) network connectivity. These connected robotic devices communicate over cloud computing platforms so that they can leverage artificial intelligence (AI) and data analytics to improve operations. 

Development in automation means that IoRT-enabled robots play a critical role, transforming inanimate objects into workforce multipliers. In hazardous environments, IoRT systems can complete tasks that would be dangerous for human operators. These autonomous robotic systems improve operations and outcomes across various industries, including:

• Manufacturing: Communicating for real-time feedback.
• Healthcare:  Facilitating precision in complex surgeries.
• Precision agriculture: Monitoring soil health.

How are IoRT and IoT different?

While IoRT and IoT both involve connected devices, they differ in three key ways:

• Main focus: While IoT specializes in data collection and analysis, IoRT enables autonomous action and decision-making.
• Networking systems: While IoT connects inanimate objects and sensors, IoRT facilitates interaction between robots for real-time feedback.
• Human involvement: While IoT requires human involvement for data analysis and oversight, IoRT requires minimal human involvement for general oversight. 

What Are the Benefits of Using IoRT-Enabled Robots?

Generally speaking, IoRT-enabled robotics improves operational efficiency by reducing the time human operators spend on tasks. However, the specific benefits are often industry-specific. Some examples of IoRT’s benefits across different industries include:

• Manufacturing: Communication between robots and human operators enables the organization to use real-time feedback for improved control over quality and operational efficiency. 
• Healthcare: IoRT systems provide precise, real-time data for surgeons engaging in complex surgeries to reduce human error and improve patient outcomes. 
• Precision agriculture: Monitoring soil health boosts productivity and enhances crop management. 
• Retail and e-commerce: Warehouse robots automate fulfillment processes for efficient, cost-effective picking and restocking. 

What are some examples of IoRT?

IoRT are hybrid systems that incorporate components like cloud computing, communication protocols, and AI for tangible improvements in efficiency, accuracy, and operational safety. Some examples of these robots include:

• Collaborative robots: Designed to work with human operators, the robots use AI and advanced sensors to perform tasks that complement people’s abilities, like on assembly lines or in laboratories. 
• Mobile robots: Whether moving through controlled or uncontrolled environments, these robots autonomously navigate environments for real-time data collection and analysis across wireless networks, like in warehouse management and logistics, to augment supply chain efficiency. 
• Networked robots: Multiple robotic devices work to accomplish a shared goal and communicate with each other as well as sensors and stationary systems, for comprehensive data sharing and decision making, like providing healthcare support or ecological monitoring. 
• Cognitive robots: Using AI, these robots analyze data and learn from interactions so they can perform complex analysis and respond to dynamic circumstances, like autonomous vehicles navigating traffic.

What are the cybersecurity implications of IoRT?

IoRT systems create a network of connected devices that expand an organization’s attack surface. Some key security concerns that organizations need to consider include:

• Data breaches: Robots handle sensitive data, like protected health information (PHI) or proprietary manufacturing processes, creating an attractive target for cybercriminals. 
• Unauthorized access: If attackers gain unauthorized access to network-connected robotic devices, they can control them, which can lead to unauthorized activity, impacting quality, efficiency, and human safety. 
• Communication protocols: IoRT typically uses communication protocols with limited processing power that limit encryption, like HTTP rather than HTTPS.
• Software vulnerabilities: Robots run on software and firmware, which can contain vulnerabilities that attackers can exploit to gain unauthorized access to systems and networks. 

Best Practices for Implementing IoRT Security Controls

Threat actors consistently seek to compromise new types of technologies because they assume organizations have no way to mitigate risks. As more organizations implement IoRT systems, establishing and enforcing security controls becomes more important. 

Identify IoRT Devices

Since IoRT incorporates both robotics and IoT devices, organizations should align their risk management strategy to how they identify, categorize, and manage IoT devices. Using a passive scanning technology built for these use cases means that organizations can identify all IoRT devices without causing a service disruption. 

When looking for a solution to manage these devices, organizations should consider their ability to create accurate device profiles that include:

• Operating system
• IP address
• MAC address
• Port numbers
• Hostname
• Version number

Implement and Maintain Secure Configurations

IoRT requires the same approach to hardening as the rest of the organization’s devices. This means that organizations need to identify known good configurations and monitor their fleets for drift. As the number of connected IoRT devices increases, manual configuration control processes become overwhelming and time-consuming. When seeking an automated solution, organizations should consider the following capabilities:

• Risk simulations that show the impact that default configurations have on security posture. 
• Targeted remediation guidance that surfaces the simplest actions with the greatest risk reduction capabilities. 
• Snapshots of known good configurations act as a baseline. 
• Alerts for when devices drift from the snapshotted, preferred configuration. 
• Assignment of configuration categories based on high, medium, low, or none to reduce the number of alerts. 

Use Targeted Network Segmentation

Network segmentation starts by separating critical or high-risk assets from low-risk digital assets so that security teams focus on the most important devices. However, with IoRT and IoT devices, the sheer number deployed across the organization becomes difficult to manage even with network segmentation. 

Targeted segmentation provides more detailed risk mitigation while being faster and easier to implement. In targeted segmentation, organizations:

• Determine the attack vectors that exist within the organization. 
• Categorize devices based on shared attack vectors and other factors, like criticality to operations or sensitive data transmitted. 
• Remediate vulnerabilities either by applying patches or implementing compensating controls. 
• Place devices with similar risk and attack profiles on the same network segment to streamline monitoring and risk management. 

Identify Vulnerabilities and Prioritize Remediation

Using a passive scanner to identify IoRT vulnerabilities mitigates service outage risk while improving security. However, with thousands of new vulnerabilities published every year, organizations must prioritize their remediation activities to maintain a robust security posture. While all vulnerabilities could be used as a way to gain unauthorized access to systems and networks, the reality is that threat actors use the ones that are the easiest to exploit. 

Organizations should look for solutions that enable them to prioritize and implement remediation activities. They should evaluate the technology for the following capabilities:

• Integration of IoT/IoRT threat intelligence for insight into real-world attacker activity. 
• Detailed likelihood and impact analyses to help manage vulnerabilities and devices. 
• Risk simulators that show the return on investment for any remediation actions. 
• Automated patching capabilities that include single-device, scheduled, bulk, and fully automatic options. 

Continuously Monitor to Identify Abnormal Activity

Once the organization understands the IoRT baseline network activity and communications, it should continuously monitor for anomalies that may indicate a potential security incident. When choosing an IoRT monitoring solution, organizations should consider the following capabilities:

• Threat intelligence and detections based on key data sources, including the Exploit Prediction Scoring System (EPSS) and Known Exploited Vulnerability (KEV) database. 
• High-fidelity alerts that enable security teams to investigate incidents quickly so they can reduce key metrics like mean time to detect (MTTD) and mean time to respond (MTTR). 
• Automated quarantine capabilities to reduce the impact a security incident can have while improving the mean time to contain (MTTC) key performance indicator. 
• Packet capture to monitor devices so that security teams have the necessary forensic data. 
• Integrations with the security information and event management (SIEM) solution for comprehensive monitoring. 

Asimily: The Purpose-Built Solution for Managing IoT and IoRT Security

Asimily is purpose-built to manage IoT and IoRT devices so that organizations have visibility into and control over their fleets. Our platform provides context, taking into account vulnerabilities and the IT environment, so organizations can mitigate risk more effectively. 

Organizations efficiently identify high-risk vulnerabilities with our proprietary, patented algorithm that cross-references vast amounts of data from resources like EPSS (Exploit Prediction Scoring System), Software Bills of Material (SBOMs), Common Vulnerability and Exposure (CVE) lists, the MITRE ATT&CK Framework, and NIST Guidelines. It understands your unique environment, so our deep contextual recommendation engine can provide real-time, actionable remediation steps to reduce risk and save time.