Ransomware has become a major threat to computer systems in recent years, as high-profile attacks have locked users out of personal computers, hospitals, city governments, and even The Weather Channel. Now, security researchers have discovered that another device that might be at risk: a DSLR camera.
Check Point Software Technologies issued a report today that detailed how its security researchers were able to remotely install malware on a digital DSLR camera. In it, researcher Eyal Itkin found that a hacker can easily plant malware on a digital camera. He says that the standardized Picture Transfer Protocol is an ideal method for delivering malware: it’s unauthenticated and can be used with both Wi-Fi and USB. The report notes that individual with an infected Wi-Fi access point could deploy it at a tourist destination to pull off an attack, or infect a user’s PC.
In a video, Itkin shows off how he were able to exploit a Canon E0S 80D over Wi-Fi and encrypt the images on the SD card so that the user wouldn’t be able to access them. He also notes that cameras could be a particularly juicy target for hackers: they’re full of personal images that most people likely won’t want to walk away from. In a real ransomware attack, a hacker will typically demand a small amount of money in exchange for the key that will decrypt the files — usually a small enough amount that people would rather just pay to get rid of the inconvenience.
Check Point says that it disclosed the vulnerability to Canon back in March, and the two began work in May to develop a patch. Last week, Canon issued a security advisory, telling people to avoid using unsecured Wi-Fi networks, to turn off its network functions when it’s not being used, and to update and install a new security patch onto the camera itself. Itkin says that he only worked with a Canon device, but tells The Verge that “due to the complexity of the protocol, we do believe that other vendors might be vulnerable as well, however it depends on their respective implementation.”
Comments
DSLR only? I mean this sounds like something that really applies Canon camera (or potentially other brands) that use PTP. Also "digital DSLR?"
By archie4oz on 08.11.19 3:54pm
I am assuming any camera using PTP to transfer pictures over wifi .
By Kirukkan on 08.11.19 4:39pm
No, because Canon cameras are unique in that they allow running of firmware directly off the memory card, which is why there’s Magic Lantern and CHDK.
By yslee on 08.11.19 11:40pm
Not really an issue for most photographers. The Wi-Fi function isn’t persistent on my camera but regardless I wouldn’t be foolish enough to connect to a third-party hotspot and wouldn’t bother if I were doing a photo shoot or on holiday, talking lots of images, as it would be far easier to insert the card into my USB-C card reader or portable hard drive and go from there.
By LiveM on 08.11.19 4:47pm
Yea, cameras in general have terrible connectivity, using them is such a pain I’d rather transfer them manually, which shows how terrible the situation is!
By yslee on 08.11.19 11:41pm
Due to speeds I don’t think many would use wifi.
By Kaggy on 08.11.19 11:28pm
nobody connects their camera to a random wifi network. Looking at this Canon as an example, you connect the Canon to the phone or PC through their respective Bluetooth connection or via hotspot tethering. This allows you to instantly transfer pics from your camera to smartphone or PC as you’re taking photos (or afterwards). Or you set a strong password on the camera’s Wifi feature so strangers can’t connect to the camera’s network.
If you can’t even tell the difference between your own hotspot or home network from some stranger network, go back to your parents’ teachings of "stranger danger".
But in any case, most people don’t leave WiFi enabled anyway because it sucks the battery down and photographers value uptime with batteries over Wifi capability.
By dirtyvu on 08.12.19 1:34am
I fully agree, over the last couple of years everytime there’s been some "major security" flaw on phones/computers etc it’s been some truly exotic attack vectors and conditions that need to be fulfilled to be able to be targeted/infected.
Photograph fingerprints that meets certain conditions, print and make molds that might work = never been done in the real world and all other exotic attacks no one will be hit by…
But it’s good that companies actually try fixing stuff even though it’s some serious fringe cases.
By CRKT on 08.12.19 2:52am
Sensitive photos just sitting on your camera? that sounds astoundingly stupid. you’d want to get those off ASAP
By dacresni on 08.12.19 11:14am
In short: don’t have your camera auto join WiFi networks.
Really great read on their site though, especially for fellow programmers!
By NickFlex on 08.12.19 11:43am
suraj shantanu
MalwareBytes Support – Just Call MalwareBytes Phone Number and Instant Support related to Errors or Issues by calling MalwareBytes Customer Service.
By malwarebytes support on 09.21.19 3:08am
suraj shantanu
MalwareBytes Support – Just Call MalwareBytes Phone Number and Instant Support related to Errors or Issues by calling MalwareBytes Customer Service.
MalwareBytes Support – MalwareBytes Phone Number | Call MalwareBytes
By malwarebytes support on 09.21.19 3:09am
suraj shantanu
TurboTax Support – TurboTax Phone Number | Turbotax Customer Service
TurboTax Support – Get all the help you need by calling TurboTax Phone Number and Instantly Get Connected with TurboTax Customer Service over the call.
By malwarebytes support on 09.21.19 3:16am
TurboTax Support – TurboTax Phone Number | Turbotax Customer Service
TurboTax Support – Get all the help you need by calling TurboTax Phone Number and Instantly Get Connected with TurboTax Customer Service over the call.
By malwarebytes support on 09.21.19 3:16am