by Tim Leogrande, BSIT, MSCP, Ed.S.

APRIL 2 2026 • 7 MIN READ

In early 2025, security analysts detected a surge in state-sponsored cyber espionage campaigns targeting robotics manufacturing supply chains. Most threat actor activity in this space isn't fueled by robot specific attacks but is similar to other campaigns the security industry already monitors across high value technology and advanced manufacturing sectors. Remote Access Trojans (RATs), specialized open source malware, supply chain exploitations, and intellectual property (IP) theft are the most common attack vectors.

A histogram detailing the increasing frequency of cyber espionage campaigns targeting robotics and industrial sector supply chains from Q4 2024 through Q4 2025. (©2026 Tim Leogrande)

A histogram detailing the increasing frequency of cyber espionage campaigns targeting robotics and industrial sector supply chains from Q4 2024 through Q4 2025. (©2026 Tim Leogrande)

What’s driving this startling increase in attacks? One factor is American and Asian companies that are trying to replace human labor with machines which mimic human appearance and capabilities but don’t get paid a salary. These firms can already buy a Unitree R1 humanoid robot for as little as $4,900, and analysts at Morgan Stanley, Bank of America, and other financial institutions predict this technology will soon become even more affordable.

The Unitree R1 humanoid robot features a lightweight chassis, agile mobility, a customizable design, and multimodal AI for voice and image interaction. (©2026 UnYuShu Technology Co., Ltd)

The Unitree R1 humanoid robot features a lightweight chassis, agile mobility, a customizable design, and multimodal AI for voice and image interaction. (©2026 UnYuShu Technology Co., Ltd)

Researchers at Alias Robotics recently demonstrated that they can acquire unauthorized root access to Unitree robots, providing the ability to control each device remotely. These machines also transmitted a wide range of system data to remote servers in Asia without first requesting user permission.

A quote from the research:

“The robot functions as a trojan horse, continuously exfiltrating multi-modal sensor and service-state telemetry to 43.175.228.18:17883 and 43.175.229.18:17883 every 300 seconds without operator notice.”

Governments are watching these developments closely, and China's 15th Five-Year Plan identifies "embodied AI" as a field in which it aspires to be a world leader. During the past eight years, more than 7,700 patent applications in China have included the word “humanoid" (人形).

A robot is best understood as a complex array of interconnected systems; including multiple sensors that take measurements of its surroundings, a CPU which processes sensor data, and actuators that receive commands and can physically interact with the external environment. The speed of this control loop is a major safety concern for manufacturers.

<aside> 💡

In a standard desktop computer system or laptop, if an application executes an instruction more slowly than expected, it is unlikely to have a significant impact on anyone. No one crashes into anything, gets knocked down, or is seriously injured. Conversely, all of this is possible with a robot that can physically interact with its environment.

</aside>

Speed is crucial when a fraction of a second can be the difference between safety and harm to people and animals. Strong authentication and encryption — which are essential to data communications and security — inevitably slow the control loop, particularly when layered with other critical middleware in a complex robotics system.

The good news is that interdisciplinary researchers continue to improve the Secure Robot Operating System (SROS), helping developers move beyond ineffective, bolted-on security solutions. Even so, robotics is still an emerging field. So manufacturers should adopt core security best-practices — such as zero-trust architectures and basic access controls — to meet acceptable standards of safety and security.

<aside> 💡

Robotics is no longer just an engineering race. It has become a geopolitical and cybersecurity battleground. As humanoid and autonomous robots scale from research labs into factories, homes, and critical infrastructure, they inherit the vulnerabilities endemic to other networked systems with the added risk of potentially serious physical-world consequences.

</aside>

Analysts already warn that nation-state malware targeting robotics firms is likely aimed at both stealing IP and gaining strategic advantages in a rapidly expanding market. The organizations building the next generation of robotics platforms must therefore treat security as foundational, not optional.

In the era of AI-powered machines, the question is no longer whether robots will be targeted, but whether we can secure them before they become the next front line in cyber espionage and nation-state conflicts.