In recent years, the world has witnessed the surge of sophisticated cyber attacks as well as ransomware attacks which have already paralysed Government and private organizations and forced them to pay the amount in return of securing stolen data. But recently it was revealed that if you have a DSLR camera, then you might be inside the unsecured zone.
A software company called Check Point Software Technologies, headquartered in Israel, reported that researchers claimed that the hackers can take over DSLR cameras and infect them with ransomware.
It should be noted that these digital cameras can be a perfect target for the hackers, as these are full of personal images and if the cybercriminals get access to your private pictures, they can demand a huge amount of money in exchange for the images.
As per the blog researcher, Eyal Itkin found that a cybercriminal can easily plant malware on a digital camera and the ideal method for delivering such malware is standardized Picture Transfer Protocol. This hacking process is unauthenticated and can be used with both Wi-Fi and USB.
"While USB and WiFi are used to import our pictures from the camera to our mobile phone or PC, they also expose our camera to its surrounding environment.
"Our research shows how an attacker in close proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware. Imagine how would you respond if attackers inject ransomware into both your computer and the camera, causing them to hold all of your pictures hostage unless you pay the ransom," said the researcher.
There is a video which showed that how easily ransomware can be installed in a Canon E0S 80D over Wi-Fi and encrypt the images on the SD card so that the user wouldn't be able to access them. Check the video here:
When the vulnerabilities were reported to the Japanese multinational company Canon, they confirmed all of them and then on August 6, they published the patch as part of an official security advisory.
In its security advisory, Cannon advised people on how they can safeguard themselves from threat actors, who can easily install ransomware in their cameras.
- Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
- Do not connect the camera to a PC or mobile device that is being used in an unsecured network, such as in a free Wi-Fi environment.
- Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
- Disable the camera's network functions when they are not being used.
- Download the official firmware from Canon's website when performing a camera firmware update.