Tactic: Impact

Technique: Denial Of Control

Denial of control is an attack that can cause the rightful operators of the autonomous robot to lose control over the robot. This technique is most useful to an attacker when combined with control logic tampering, so that the attacker can control the robot themselves while keeping control away from the original owner.

Technique in practice

Article: Industroyer (malware)

Mitigations

Out-of-band communication channels can be used to keep a backdoor to the robot, in case the rightful owner loses control. A redundancy of services can also be used as a backdoor, though this is more easily detectable by the attacker on the operating system level.

Detections

A simple health check service could detect whether the robot is still accessible.

Documented incidents with autonomous robots

No incidents known at the time of writing.

Documented incidents in other domains

[2017] WIN32 Industroyer: A new threat for industrial control systems