Security Researchers — #Canon #DSLR #Cameras Vulnerable To #Hacking

Who keeps their DSLR Wi-Fi on all the time anyway? Maybe if you're working on a project that needed wireless connectivity. But chances are, you're in a closed set and connected to a private network with firewalls and all that jazz. Even so, let's assume someone happens to find you in the vastness of the internet… because you're that special. He hacks into your camera, which happens to be connected at that very instant, and uploads malicious code to exploit your photos — God knows those outtakes should never see the light of day. Now what? What are you going to do? Turn off your camera and pull out the memory card. But what if during that small window of opportunity the hacker managed to download thousands of RAW photos, which could be at least 10MB in size each? In that case, I want you to be a doll and tell me what Wi-Fi device you're using because I want to have that data transfer rate myself.

If at this point you can't tell if I'm being sarcastic, I'm telling you now that I am. (pause) Very.

Anyway, it's very likely that your camera will be hardwired to a computer. Meaning it's offline. Because that's what professional photographers do on set. Unless of course you're previewing from LCD or not using any remote control, then there's no connection, no Wi-Fi or Bluetooth.

And if someone is indeed able to hack into your camera. I'm sure your brain and motor functions won't be affected, so you'll be normal enough to turn off and remove the memory card from your camera. Unless of course… the memory card is built-in to your camera. In which case, I suggest you return the camera and then spend some time to think about the choices you made in life.

File under: WTF Tech.

New York (The Verge) — Security researchers find that DSLR cameras are vulnerable to ransomware attack theverge.com/2019/8/11/2080….

Ransomware has become a major threat to computer systems in recent years, as high-profile attacks have locked users out of personal computers, hospitals, city governments, and even The Weather Channel. Now, security researchers have discovered a way for a hacker to install ransomware on a DSLR camera.

Check Point Software Technologies issued a report today that detailed how its security researchers were able to remotely install malware on a digital DSLR camera. In it, researcher Eyal Itkin found that a hacker can easily plant malware on a digital camera. He says that the standardized Picture Transfer Protocol is an ideal method for delivering malware: it’s unauthenticated and can be used with both Wi-Fi and USB. The report notes that individual with an infected Wi-Fi access point could deploy it at a tourist destination to pull off an attack, or infect a user’s PC.

Last week, Canon issued a security advisory, telling people to avoid using unsecured Wi-Fi networks, to turn off its network functions when it’s not being used, and to update and install a new security patch onto the camera itself. Itkin says that he only worked with a Canon device, but tells The Verge that “due to the complexity of the protocol, we do believe that other vendors might be vulnerable as well, however it depends on their respective implementation.” Andrew Liptak/@verge

Source: verge, full story

 

Leave a Reply