Cybersecurity experts detail a threat that could expose digital cameras to attacks such as ransomware and malware.
Check Point Research, the research arm of Israeli cybersecurity company Check Point Software Technologies, has discovered vulnerabilities in a DSLR camera that could be exploited by hackers.
According to Check Point researcher Eyal Itkin, a hacker can easily plant malware on a digital camera through the Picture Transfer Protocol, the standardized protocol for transferring images from a digital camera to a PC.
While the PTP can also perform a wide range of commands ranging from supporting tools, capturing of live photos, and upgrading the camera’s firmware, the protocol can also be used as a method for delivering malware.
Hackers’ Lair
Since a PTP is unauthenticated and can be used with both Wi-Fi and USB, the technical paper notes that infected Wi-Fi access could be used to deploy malware or infect a user’s PC. Attackers that already hacked a user’s PC can exploit the USB connection to infect the camera.
“Any ‘smart’ device, including the DSLR camera, is susceptible to attacks,” Etkin said.
He added that WI-FI and USB connection makes cameras more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to.
In a video, Itkin demonstrated how he exploited a Canon EOS 80D via Wi-Fi and encrypted the images on the SD card so that the user wouldn’t be able to access them. Six bugs were found on the camera's firmware.
“The photos could end up being held hostage until the user pays the ransom for them to be released,” the report wrote.
How To Avoid Attacks Via PTP
Last Aug. 6, Canon released a security advisory for its digital cameras related to PTP communication functions and firmware update functions. The company and Check Point have been working on a security patch for the firmware vulnerability since May.
Canon said while there have been no confirmed cases of the vulnerabilities being exploited to cause harm, it advised customers on how to use digital cameras securely. The company suggests that users ensure the security settings of the devices that are connected to the digital camera such as the PC and router being used.
It is not advised to connect the camera to a PC or mobile device to an unsecured network or in free Wi-Fi connections. Users are also discouraged from connecting the camera to a PC or mobile device that is potentially infected with a virus. When the camera is not used, it is advised to disable the network functions. Firmware updates must also be downloaded from Canon's official website.