The folks at Check Point Software Technologies where the ones to discover this and they have issued a report that details all the steps that bad actors can take in order to take over a DSLR camera. Researchers at cybersecurity company Check Point Software found that it was possible to exploit vulnerabilities in the protocol to infect a camera with ransomware, presenting their findings at the Defcon security conference in Las Vegas.
It's possible to execute the attack through physical access to the camera via USB, but also remotely via Wi-Fi if the camera's user could be tricked into connecting to a rogue wireless network.
"This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to", Itkin added.
The International Imaging Industry Association devised a standardized protocol known as Picture Transfer Protocol (PTP) to transfer digital images from the camera to PC.
"As PTP is widely used by all digital camera vendors, we do believe that similar vulnerabilities will affect other vendors as well", Eyal Itkin, security researcher at Check Point, told ZDNet. For starters, while most modern DSLR cameras have WiFi built in, the general slow transfer speed means that people tend to transfer directly via SD card, unless they're just moving one or two images.
What Check Point ended up with is a malicious firmware update, which thanks to a PTP command allowing for remote firmware updates without need of user interaction, makes infecting a camera through a patch relatively easy to achieve. Canon published the patch as part of an official security advisory.
Unfortunately Check Point did not disclose whether other manufacturers are indeed vulnerable, but in any case the advise not to connect to unsecured WiFi network holds true regardless of what device you may be using. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections.
Amongst the various devices/apps getting infected by ransomware attacks, we have a new device - a DSLR camera.
The lack of security practices such as misconfiguration and poor management of the Cloud resources remains the most prominent threat to the Cloud ecosystem in 2019, subjecting Cloud assets to a wide array of attacks.