Is nothing safe anymore? One could argue that nothing ever has been, really, but it’s a disturbing reality that in today’s technological world, in which almost everything is linked in some way to the Internet, security is continually being threatened in new ways. When 3D printing was in its early days, it’s likely no one ever imagined it could be a security threat, but the technology has definitely turned out to have a nefarious side – and I’m not just talking about 3D printed guns or copied keys.
Experts have warned that cybersecurity issues should not be underestimated when it comes to 3D printers, which, like anything else with a web connection, are potentially vulnerable to hacking. We may not hear about hacked 3D printers very often, but the potential is there, and researchers have been spending a lot of time trying to anticipate the worst. While on the surface, cyberattacks on 3D printers may seem like a relatively minor threat, with the most dire consequences being stolen intellectual property, the issue becomes a lot more serious when you start thinking about what 3D printers are creating nowadays. Airplane parts, rocket engines, even medical devices – if these things can be tampered with remotely, it’s not good, to say the least.
A team of professors from the University of South Alabama, Ben-Gurion University of the Negev, and Singapore University of Technology and Design recently carried out an experimental cyberattack on a partially 3D printed drone to demonstrate the damage that 3D printer hackers could potentially cause. The team orchestrated a phishing attack on the computer containing the files for a DJI drone. Once they accessed the computer, they downloaded the 3D file for a replacement rotor blade and added hollow cavities in the interior of the blade, weakening it in a way that wouldn’t be detectable by visual inspection.
According to Ben-Gurion University professor Yuval Elovici, the team deliberately engineered the design flaws so that they wouldn’t cause the propeller to fail right away, giving the drone enough time to get high into the air before breaking for maximum damage when it hit the ground. Once they printed the blade and attached it to the drone, they carried out a flight test, which went exactly as they had intended it to go; the drone flew normally for a few minutes before the sabotaged propeller blade flew off and sent the $1,000 drone crashing to the ground.
Full details of the research project were documented in a paper entitled “dr0wned – Cyber-Physical Attack with Additive Manufacturing,” co-authored by Elovici, Sofia Belikovetsky, Mark Yampolskiy, and Jinghui Toh. The researchers put together a video detailing their process and the intentionally failed flight, linked in the paper:
“Initially we focused on checking whether the 3D-printer can be hacked,” said Elovici. “Quickly, we realized that such an attack cannot scale due to the huge variety of 3D printers, and thus we decided to focus on how attackers may intervene in a generic way in the process between design and production.”
The paper breaks down multiple scenarios for how 3D printed parts could be compromised, and the large number of feasible methods is unsettling. Although a widespread cyberattack on multiple 3D printers is unlikely, Elovici said, plenty of damage can still be done by manipulating one single part.
“Imagine that an adversary can sabotage functional parts employed in an airplane’s jet engines,” he said. “Such an attack could cost lives, cause economic loss, disrupt industry, and threaten a country’s national security.”
While the research team’s attack was targeted at a private personal computer, they warned that a similar attack could be carried out on an industrial or corporate computer system, which has the potential to cause a lot more problems. It’s a grim realization, but the intent of the study wasn’t to scare people but rather impress upon them the need for strict security measures in additive manufacturing facilities.
“…[B]efore printing an object, there is a need to check that the file was not modified and there are many cryptographic means that can be used in order to achieve this goal,” Elovici said. “The research community is currently engaged in developing innovative methods that involve innovative data verification techniques that verify that what is printed is exactly [the] content of the original design.”
Discuss in the Drone Sabotage forum at 3DPB.com.[Sources: dr0wned – Cyber-Physical Attack with Additive Manufacturing; EurekAlert; TechRepublic]
You May Also Like
Imperial College London: 3D Printing Improved Biocompatible Implant Packaging
Cristina Gentili recently presented a thesis, ‘3D Printed Instrumented Packaging for Implantable Devices,’ to the Centre of Bio-Inspired Technology at the Imperial College London. While there is much research focused...
For a Personalized Look, Try a 3D Printed Pompillon Bow Tie
There’s something fantastically dapper about a bow tie, and a 3D printed version definitely takes this fashionable look the extra mile. Ties and bow ties, along with ascots and scarves,...
$50 Open-Source Colorimeter is Remarkable in Comparison to Commercial Models
Researchers from Michigan Technological University are applying chemistry to 3D printing, detailing their recent study in ‘Open-Source Colorimeter.’ A basic sensor, the colorimeter is made up of a simple light...
3D Printing and Mass Customization, Hand in Glove Part V
We know that we are using far too many materials in a quest for consumption, could recycle them and could use these recycled goods in high valued materials but why...
View our broad assortment of in house and third party products.