Sunday, 8 December 2019
Latest news
Main » This is how ransomware could infect your digital camera

This is how ransomware could infect your digital camera

13 August 2019

As a result, Canon has also issued an official security advisory addressing the researchers' discovery, advising users to avoid connecting their cameras to unsecure networks or devices, disabling their camera's network functions when not in use, and ensuring they've updated to the latest firmware for their shooter.

"The combination of price, sensitive contents with a high personal and emotional value, and widespread consumer audience makes cameras a lucrative target for attackers", the researchers said in a blog post released on Sunday.

Digital cameras use Picture Transfer Protocol (PTP) to transfer digital files and the firm's researchers discovered how to exploit vulnerabilities in the protocol to infect a camera with ransomware, which they showed off at this year's Defcon security conference.

More news: Martin Brundle warns Alex Albon about Red Bull move

The researchers looked at the Canon EOS 80D because it has both USB and Wi-Fi connectivity, as well as an extensive modding community which provides open source software for the camera. Once they had control, they were able to install "ransomware," encrypting all of the photos on the SD card and holding them hostage until and unless the victim pays a sum of money (usually in cryptocurrency) to receive the encryption key and unscramble their images.

"Any "smart" device, including the DSLR camera, is susceptible to attacks", said Eyal Itkin, a security researcher at Check Point. Though Check Point's research only examined the flaw in Canon cameras, cameras from other manufacturers could be affected as well. However, Check Point warns that not just this camera but any internet-connected digital camera could be vulnerable to ransomware attacks. This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to. Canon has released one.

Although most users connect their camera to their PC using a USB cable, newer camera models now support WiFi.

More news: LG G8X Expected To Launch At IFA 2019

Again, we should stress that this is not necessarily a Canon-specific issue, as it is the Picture Transfer Protocol itself (rather than the cameras) that exhibits the security flaw.

As Canon explains, there have been no reported cases of this vulnerability actually being exploited to install ransomware IRL, but now that the info is out there, the company is working as quickly as possible to patch affected DSLRs.

Full technical details of the investigation can be found on the Check Point website.

More news: Scaramucci: Trump's Policies Good; His Rhetoric Isn't

This is how ransomware could infect your digital camera