New research shows your DSLR is vulnerable to ransomware attacks. Ransomware attacks are more common than we can think (remember WannaCry?) and are used to target major companies, mostly.
According to Eyal Itkin, a security researcher at CheckPoint, it is easy for the attacker to plant malware on DSLR cameras. Modern DSLR cameras now support WiFi along with USB cable support. They also use the Picture Transfer Protocol (PTP) for transferring images from the camera to a computer.
Also read: Ransomware vs Malware vs Spyware
How can the attacker target DSLR users?
The research points out that the attacker can target the vulnerabilities of the PTP protocol to attack the user. There are two methods to perform a ransomware attack — using a USB cable that can transfer ransomware from the affected PC to the camera, and from a rogue Wi-Fi, which the attacker can place on some popular tourist destination and access the device of unsuspecting DSLR users. In the video that Checkpoint posted, the researcher used the WiFi to plant the ransomware on Canon’s E0S 80D DSLR. The SD card was deliberately encrypted to block the user from accessing it.
DSLRs are particularly attractive to attackers as they might have personal images stored. Typically, in ransomware attacks, the attacker will demand a ransom in return for the decrypting key to the images.
The research points out the fact that any smart device is vulnerable to the attacks. It also points out that devices using PTP protocols are particularly susceptible to the attacks.
Canon released a security advisory on August 6 and also released a firmware update to counter the threat. In the advisory, Canon detailed ways that you can use to save yourself from the attacks. The methods include not connecting the camera to any infected device, disabling the camera’s network functions when not in use, among others.
The original research of Check Point can be accessed here.