Digital cameras vulnerable to ransomware, Check Point researchers find

Tip 01 De iPhone Xs heeft twee verschillende camera’s die samenwerken om betere

Tip 01 De iPhone Xs heeft twee verschillende camera’s die samenwerken om betere

After setting up a rogue Wi-Fi access point, which could be placed at a tourist attraction, and once the camera is in range and connected, an exploit is run that accesses the SD card and encrypts any photos it contains.

Check Point Software noticed that the Picture Transfer Protocol (PTP) - which is unauthenticated in both wired and wireless modes - is particularly vulnerable to malware attacks. But while this particular model was chosen for the experiment, researchers warn that any internet-connected digital camera could be vulnerable to the attacks.

Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.

The critical flaw in Canon's Picture Transfer Protocol was reveled by Security Company Check Point Research during Hacking Conference DEF CON 2019.

The researchers say there are a few things camera owners can do to avoid being infected: make sure the camera is using the latest version issued by the firm, and install a patch if available; turn off the camera's WiFi when not in use; when using WiFi, use the camera as the WiFi access point, rather than connecting the camera to a public WiFi network. The attack could ultimately end up with the photos on the camera being locked by ransomware.

Unless photography is your career, photos might not seem like the juiciest ransomware target, but in terms of sentimental value, they can be right up there as the researchers note.

While malware on a camera might not sound like an immediate issue for an enterprise, it's entirely possible that a compromised device could be used as a stepping stone for other attacks.

"Initially focused on image transfer, this protocol has evolved to include dozens of different commands that support anything from taking a live picture to upgrading the camera's firmware", the report says. "Our research is just one more example to the relatively low state of security in day-to-day embedded devices", he added. Since then, they've worked together with Canon to patch the vulnerabilities that were found, which is why these findings were released alongside an official Security Advisory from Canon itself.

If you use a Canon DSLR and haven't seen a firmware update in a while, it's probably an excellent idea to keep an eye on Canon's support page until you do.

The details of the vulnerability and how it was exploited are complicated, and you can read all about it on Check Point Research's website.