Connectivity could make digital cameras vulnerable to ransomware

The ransomware message displayed on an encrypted camera

The ransomware message displayed on an encrypted camera

According to Check Point's report, this is possible through the picture transfer protocol of the cameras. A DSLR camera is susceptible to ransomware attacks, as hinted by a new report by Check Point Research.

You can read the full details of how the researchers pulled off the attack here, but the long and short of it is that they were able to take advantage of the camera's WiFi connection to encrypt all the photos on the device, and then flash up the familiar demand for cash.

The method of infection relies on the camera being connected to a wireless network, which is becoming increasingly common as it forms a very convenient way of transferring images to a computer or printer. "Attackers can inject ransomware into both the camera and PC", Itkin added. But because the protocol is standardized and embedded in other camera brands too, Check Point believes similar vulnerabilities can be found in cameras from other vendors.

Make sure your camera is using the latest firmware version, and install a patch if available.

Mosque shooting in Norway treated as attempted terrorist attack
As the gunman targeted Muslims in the mosque, a 65-year-old man named Mohammed Rafiq managed to overpower the shooter. After firing shots, the gunman was overpowered by two men inside the building before police arrived at the scene.

"Once compromised, the attacker has full control over the camera, and they could brick it, use it as an espionage tool, or ransomware it as we demonstrated".

Check Point disclosed the vulnerabilities to Canon, which has issued a security update for its devices. Canon published the patch to fix the DSLR camera security flaw as part of an official security advisory. On top of this, Check Point said "Canon has an extensive modding community, called Magic Lantern", which is an "open-source software add-on that adds new features to the Canon EOS Cameras". It's also recommended that camera owners leave the device's Wi-Fi turned off when it is not in use. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections.

The security researcher is saying that there are many ways that bad actors could use this type of ransomware with the most effective one being to release the ransomware at a popular tourist location where people would surely take lots of photos with their DSLR cameras.

The lack of security practices such as misconfiguration and poor management of the Cloud resources remains the most prominent threat to the Cloud ecosystem in 2019, subjecting Cloud assets to a wide array of attacks. Check Point protects over 100,000 organizations of all sizes.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.