14 DAY TRIAL // A security report detailing how it was possible to install ransomware on DSLR cameras was revealed today. A firmware update is already available to Canon users.
Ransomware is a very nasty piece of malware that’s not built to damage the device or the data, but to extort people out of money. It’s usually limited to desktops and mobile devices, but that doesn’t mean that other platforms aren’t vulnerable as well.
The ransomware trend is growing, and it’s based on a straightforward premise. People don’t update their devices when they should, many don’t use antivirus solutions, and worst of all, some companies stop issuing security patches after a device reaches the designated end of life.
Digital and professional cameras are good targets
If you think of it, cameras would be the perfect target for someone who wants money. They hold our pictures, and many users would gladly pay to have them returned. Check Point Software Technologies released a report detailing how an attacker could install ransomware on a DSLR by using the Picture Transfer Protocol.
Some of the newer digital cameras come with Wi-Fi capability, such as the Canon E0S 80D, which was used as an example. Even if the Canon DSLR comes with a proprietary operating system called DRYOS, it still needs to use the known protocols, like PTP, which runs over Wi-Fi and USB connections.
Using this vulnerability, the attacker could encrypt the photos stored on the card, and the user can’t do anything about it without losing the images. If those pictures are important, many people will choose to pay.
Canon has been working for some months on this problem, and a firmware update was released for the affected cameras, although they didn’t say which models are affected. What’s even more interesting is that the PTP protocol is being used by other camera manufacturers as well and that only means that the problem could be more widespread.
Users can also exercise some caution, as advised by Canon. First of all, don’t connect to Wi-Fi networks or desktops that you don’t know, disable the networking functionality when you’re not using it, and make sure to upgrade the firmware on your camera as soon as possible.
