Even DSLR cameras are vulnerable to ransomware

Yolanda Curtis
August 13, 2019

You can read the full details of how the researchers pulled off the attack here, but the long and short of it is that they were able to take advantage of the camera's WiFi connection to encrypt all the photos on the device, and then flash up the familiar demand for cash.

"The combination of price, sensitive contents with a high personal and emotional value, and widespread consumer audience makes cameras a lucrative target for attackers", the researchers said in a blog post released on Sunday. According to researcher Eyal Itkin, hackers could easily transfer malware on the camera using the Picture Transfer Protocol (PTP), which is unauthenticated and can be used to insert malware either over the air (Wi-Fi) or using the USB port. Imagine you are on a holiday and have many GBs worth of photos stored on your SD card.

For their research, Check Point used a Canon EOS 80D Digital Single-Lens Reflex (DSLR) camera, which supports both USB and WiFi.

Since the protocol is standardized and embedded in other camera brands, Check Point believes "similar vulnerabilities can be found in cameras from other vendors as well", the statement said.

This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to. But while this particular model was chosen for the experiment, researchers warn that any internet-connected digital camera could be vulnerable to the attacks.

The bad news is that while Canon has issued a security advisory telling people to install a security patch and avoid unsecured WiFi networks, there's every reason to suspect other companies' cameras could be just as vulnerable. Researchers have discovered that the devices can be infected with ransomware, encrypting users' photos and videos until they pay for a decryption key. The findings, which were shared with Canon ahead of the public reveal, have left Canon scrambling to patch a serious security flaw.

"Since modern cameras no longer use film to capture and reproduce images, the International Imaging Industry Association devised a standardised protocol known as Picture Transfer Protocol (PTP) to transfer digital images from camera to PC".

As Canon explains, there have been no reported cases of this vulnerability actually being exploited to install ransomware IRL, but now that the info is out there, the company is working as quickly as possible to patch affected DSLRs.

Other reports by iNewsToday