Tactic: Disturbance

Technique: Hardware Factory Reset

Robots often have an interface for a hardware factory reset. It is possible for the software to become corrupt and therefore inaccessible. The hardware factory reset gives the owner of the device a possibility to start over. An attacker can use such a hardware factory reset interface as well. If the robot defaults to standard credentials, then the attacker could use that to gain complete control.

Technique in practice

Manual: Unitree user manual (includes factory reset instructions)

Mitigations

The hardware factory reset should only be accessible through some sort of physical key. Furthermore, the default credentials should be unique to each copy of the product.

Detections

A simple health check service could detect whether the robot is still accessible.

Documented incidents with autonomous robots

No incidents known at the time of writing.