Hacked 3D printers could commit industrial sabotage

Hackers could introduce defects into printed products, researchers are warning

3d printer

3D printers show potential for industrial sabotage.

Credit: Michael Kan

3D printers can churn out toys, clothing and even food. But the technology also shows potential for use in industrial sabotage, researchers warn.

Imagine a car maker using 3D printers to manufacture components, only to have the parts contain defects that are undetectable until it’s too late.

A hacker with access to the 3D printers could make that happen, a team of researchers wrote in a recent paper. This could result in a "devastating impact" for users and lead to product recalls and lawsuits, said New York University professor Nikhil Gupta, the lead author of the paper. 

3D printing is also known as “additive manufacturing.” It involves printing out layer after layer of material to create an object, like a plastic figurine or even a house.

The technology could streamline manufacturing, and the car industry is already experimenting with it. In the past, companies used 3D printers mainly to create prototypes, but recent advancements will expand the use of the technology to make actual products, research firm Gartner predicts.

If that happens, companies should be on guard for possible misuse. Many 3D printers are connected to the Internet, allowing for remote control, the researchers said. Hackers might be able to target these printers and secretly introduce internal defects in the manufacturing process.

For example, products might be made to handle less strain, leading them to break apart over time. The defects could be so small that not even ultrasonic imaging would detect them.

This could be life-threatening if defective components were printed out for cars or airplanes. The aircraft industry has been using 3D printers to create replacement parts, noted Steven Zeltmann, one of the paper’s authors. He is a graduate student at New York University. 

The potential for sabotage could also grow if manufacturers chose to outsource their commercial 3D printing to less trustworthy third parties, Zeltmann said via email.

And the security risks of Internet-connected printers go beyond the manufacturing itself. Given that 3D printers rely on design files, a breach could compromise a company's intellectual property.

To prevent the security risks, Zeltmann recommended that manufacturers disconnect their 3D printers from the Internet and encrypt their design files.

Companies could obfuscate their design files and use encryption so that only the designated 3D printer would know how to read them. “A printer without the right knowledge of what to ignore/follow would print a totally different part or just a big mess,” Zeltmann said.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Related:
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.