Tactic: Impact

Technique: Control OS

Once adversaries have gained control over a system and escalated their permissions, they could take over control of the operating system. This would implicate that the user no longer has control of the operating system.
A user would not be able to use their machine and adversaries could do anything they want. As a end user it is very hard to regain control of the system without a full software reset.

Technique in practice

The German Federal Office for Information Security (BSI) reported a targeted attack on a steel mill in its 2014 IT Security Report. These targeted attacks affected industrial operations and resulted in breakdowns of control system components and even entire installations. As a result of these breakdowns, massive impact resulted in damage and unsafe conditions from the uncontrolled shutdown of a blast furnace.

Mitigations

There are several ways to minimize damage. One of the most common ways is to create backups on a regular basis. This way the operating system can be rolled back to the latest uninfected version.
Another option is to have redundant systems. When one system has been compromised, the other could take over.

Documented incidents with autonomous robots

No incidents known at the time of writing.

Documented incidents in other domains

The German Federal Office for Information Security (BSI) reported a targeted attack on a steel mill in its 2014 IT Security Report. These targeted attacks affected industrial operations and resulted in breakdowns of control system components and even entire installations. As a result of these breakdowns, massive impact resulted in damage and unsafe conditions from the uncontrolled shutdown of a blast furnace.
LockerGoga is ransomware that was first reported in January 2019, and has been tied to various attacks on European companies, including industrial and manufacturing firms.