A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily ‘footprint’ and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate.
Dubbed “Aztarna,” the framework has been developed by Alias Robotics, a Spanish cybersecurity firm focused on robots and is capable of detecting vulnerable industrial routers and robots powered by ROS (Robot Operating System), SROS (Secure ROS) and other robot technologies.
Written in Python 3, Aztarna is basically a port scanning tool with a built-in database of fingerprints for industrial routers (including Westermo, Moxa, Sierra Wireless, and eWON), and robotic technologies and components, as well as patterns that power the tool to test those devices against various known vulnerabilities and security misconfigurations.
Researchers at Alias Robotics told The Hacker News that Aztarna has been designed to work in different work modes based upon different penetration testing scenarios. It can scan a list of given IP addresses, a network IP range, results from Shodan search engine and even the whole Internet in conjunction with other scanning tools like ZMap or masscan.
“Motivated by the lack of dedicated tooling for security research in the field of robotics, we have developed aztarna, a tool aimed to help in the detection and scan of robots and robot technologies (including software components) on a network,” the researchers said.
images from Hacker News
Recent Comments