Forget formless large language models (LLMs) and artificial intelligence (AI) agents: global superpowers are already building a future around embodied AI, and using cyberattacks to gain an upper hand in it.
A new industrial revolution is fomenting, some experts say. It was manufacturing and steam power the first time around, railroads and electricity the second, and the Internet and telecommunications not so long ago. This time the change might be led by embodied AI systems — robots that move like people or animals.
As corporations and nation states battle for dominance in intelligent robotics, new cyber battlefields and risks have already started to take shape. At Infosecurity Europe next week, Recorded Future’s Joseph Rooke will give a cybersecurity-leaning variant of a popular talk he’s been carrying around about the power politics, supply chain threats, and cyberattack scenarios around embodied AI systems both today and in the future.
“The race is on,” he says, “and right now the security of a lot of these systems is deeply concerning.”
Cyber-Risks in Embodied AI
As kinematics catches up with the rest of AI tech, experts are predicting an explosion of embodied systems. Last year, Morgan Stanley projected that China alone might have around 300 million of them by 2050, operating in industrial plants, army units, and anywhere else they might prove useful.
Investing in humanoids might be a proactive step to address population declines. It might also be a conspiracy to replace human workers with wageless machines. Either way, the movement is well underway. Humanoid robots have already featured heavily in Chinese Communist Party (CCP) initiatives, drones have played an exceptional role in the Russia-Ukraine war, and right now you can buy a robot dog for a few thousand bucks on the Web.
The potential risks in embodied AI systems are limited only to one’s imagination. Robots that swing their arms or shoot things are obvious safety hazards to people around them. Robots that live in homes and factory floors can steal data through not just the Internet, but also their eyes and ears. They can be hacked through all of those same channels, too.
It doesn’t help, then, that the robots built to date have proven so problematic. The few researchers focused on this space have already picked apart Unitree bots — the most popular humanoids on the market — nine ways to Sunday. They’ve proven that the machines send private user data to China without consent. They’ve found multiple backdoors enabling full, unauthorized control, and shown how they can be exploited in a minute’s time, or worm wirelessly from bot to bot. “That really was terrifying — iRobot sort of stuff. A fleet could be compromised in this case,” Rooke recalls.
Like large language models (LLMs) and agentic AI before it, companies are simply rushing embodied AI to market without totally accounting for the risks involved, Rooke says. “It’s a real race, and I think things are being missed. And that is my concern now with the US robotics market: Will they miss things?”
Chinese Spying in the Mining Sector
Cybersecurity for intelligent robots involves far more than protecting the robots, too. The supply chains needed to build embodied AI systems are also maturing, expanding, and proving fertile ground for commercial and geopolitical cyberespionage.
For humanoid robots, there are many cyber threats to the AI models they’re built with, the data centers they rely on, the semiconductors powering them, and the energy sources used at each step of the way. But Rooke highlights a growing universe of attacks against the worldwide mining industry.
Why mining? Because as the market for embodied AI and its components grows, rare earth elements and other critical minerals will be in huge demand. Whoever has control over those natural resources will possess immense power in the so-called fourth industrial revolution, and many rich deposits are located in legally ambiguous places like the Arctic and outer space.
Whether to glean insights into other countries’ future plans, sabotage those plans, or steal their mining technologies, China’s advanced persistent threat (APTs) groups in particular have been active in this space. Recorded Future has tracked a handful of mining-specific Chinese cyberespionage campaigns in the past half decade, and plenty more that may have been mining-adjacent in one way or another.
-
In 2021, APT15 (aka Nickel, Nylon Typhoon) targeted a Canadian mining company.
-
In 2025, right around the time China was entering into seabed exploration and mining partnerships with a trio of smaller nations, multiple Chinese APTs were found spying on an organization involved in monitoring and regulating the practice of seabed mining.
-
Between 2021 and 2026, Chinese threat actors targeted private and public sector entities in Indonesia, a country where China holds lots of contracts and interests around natural resources, particularly nickel.
-
In 2025, YoroTrooper (aka Silent Lynx) — which researchers believe is based in Kazakhstan — targeted Russia’s energy, manufacturing, and mining sectors.
When a mining contract is up for grabs, “They might get inside of a ministerial network, or they’ll figure out the reconnaissance phase: How can we undercut this bid? It’s all about getting that advantage,” Rooke says.
Luckily, he adds, “I wouldn’t say any of it right now is destructive; this is more about espionage.”

Comments are closed