Canon Wi-Fi Connected DSLRs Have Serious Flaw, Security Company Finds

A visitor looks through Canon's first full-frame mirrorless digital camera Eos R during the first

Digital cameras use Picture Transfer Protocol (PTP), a standard protocol to transfer digital files.

You can read the full details of how the researchers pulled off the attack here, but the long and short of it is that they were able to take advantage of the camera's WiFi connection to encrypt all the photos on the device, and then flash up the familiar demand for cash. Either way, as advantageous as it is to have these new wirelessly enabled cameras and devices, it's scary to realize just how easy it is to possibly hack into them when you're out in the wild!

As per the research, the cybercriminals can easily fool PTP/USB and PTP/IP protocol by setting up a Wi-Fi access point and sniffing a specific GUID from the network.

The DSLR camera vulnerability allows hackers to harm both the DSLR cameras and the computers to which they can be connected via USB. As the protocol is standardized and embedded in other leading camera brands, researchers believe similar vulnerabilities can also be found in other leading vendors.

Recently, Eyal Itkin, Check Point Security researcher discovered some critical vulnerabilities which infect a Canon EOS 80d with ransomware.

Once the camera is attacked, the photos could end up being held hostage until the user pays the ransom for them to be released.

In response to this, Canon has given a security advisory encouraging people to ensure their firmware is up to date.

Itkins reached out to Canon regarding this vulnerability back in March and now that this report is made public, Canon has issued a statement warning users to avoid connecting their cameras to open public networks and to disable Wi-Fi when not needed.

Again, we should stress that this is not necessarily a Canon-specific issue, as it is the Picture Transfer Protocol itself (rather than the cameras) that exhibits the security flaw. Itkin identified some weakness in the interaction of Canon camera with the Picture Transmission Protocol (PTP) as soon as the EOS Utility software fired up to communicate with the camera.

In the case of USB connections, attackers that have already hacked the user's PC can exploit the USB connection to infect the camera. Following this, they accessed the PTP layer that had various PTP handlers (around 148), making the functionality highly vulnerable to malicious attacks.



Other news