Cyber experts identify serious security flaw in digital cameras
The latest models of digital cameras are increasingly vulnerable to ransomware and malware attacks through their USB and WiFi connectivity, researchers at leading Israeli cybersecurity company Check Point Software Technologies revealed on Sunday.
Check Point Research, the threat intelligence arm of the company, discovered vulnerabilities in the internationally standardized protocol for the transfer of digital images from camera to PC, known as the Picture Transfer Protocol (PTP).
The protocol has evolved in recent years from digital image transfer alone to a range of different commands to support tools, such as the capture of live photos and upgrading the camera’s firmware.
Containing sensitive content with highly personal and emotional value, digital cameras are a lucrative target for malicious hackers who successfully identify vulnerabilities and can even demand a ransom to release picture files.
Using Canon’s EOS 80D DSLR camera, equipped with both USB and WiFi connectivity, researchers discovered multiple critical vulnerabilities in the PTP. As the protocol is standardized and embedded in other leading camera brands, researchers believe similar vulnerabilities can also be found in other leading vendors.
Researchers found that for users transferring photos via public WiFi networks, attackers in close proximity to the camera could “easily” establish a rogue WiFi access point by sniffing the Internet network and then bearing the same name as the one used by the camera to automatically connect, thereby enabling hackers to infect the device with malware and ransomware.
In the case of USB connections, attackers that have already hacked the user’s PC can exploit the connection to infect the camera.
“Any ‘smart’ device, including the DSLR camera, is susceptible to attacks,” said Check Point security researcher Eyal Itkin.
“Cameras are no longer just connected to the USB, but to the WiFi network and its surrounding environment. This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and the PC it is connected to. The photos could end up being held hostage until the user pays the ransom for them to be released.”
Check Point, which presented its findings at the DEF CON hacking conference in Las Vegas on Sunday, informed Canon prior to the presentation and worked together to patch the vulnerabilities in an update released last week.
“At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm,” Canon said in the update published on August 6.
To avoid infection, Check Point researchers recommend that camera owners verify that their device is using the latest firmware version, turning off the camera’s WiFi when not in use and refraining from connecting cameras to public WiFi networks.