DSLR Firmware Flaw Can Leave You Vulnerable to Ransomware: Here's How to Stay Safe
A recent security report has revealed how even DSLRs at risk from malicious cyberattacks, showing just how far online hacking and thefts have come to. According to Check Point Software's presentation at the ongoing DEFCON, DSLRs which include Wi-Fi connectivity can be easily left vulnerable to ransomware and malware attacks, hence presenting the risk of financial loss or data theft even in an unsuspecting piece of hardware.
How can cameras be hacked?
The process is actually not all that complicated. Hackers can simply search for Wi-Fi SSIDs of cameras, particularly in prominent tourist hotspots. Given how DSLRs, mirrorless cameras and even premium compact cameras have become more accessible, it is likely that every tourist spot would include some cameras that include Wi-Fi connectivity. It is further important to note that Wi-Fi connectivity has steadily become more common in mainstream, semi-professional and professional cameras, which makes this flaw even more significant.
Once a Wi-Fi SSID is spotted, an attacker can then easily authenticate the connection from their end without knowledge of the camera owner, and transfer a malware that encrypts the plugged-in SD card that includes photographs that can be private, sensitive or simply emotional in nature. The reason why this can be done now is because of camera innovation itself — previously, Wi-Fi in cameras only allowed for one-sided transfer of images, from the camera to a smartphone or a laptop. Nowadays, Wi-Fi and Bluetooth are being used for more features such as using a smartphone as a viewfinder and remote controller, streaming live to social media, etc. This necessitates two-way transfer of data between the camera and the target device.
Once the malware is installed, the entire camera firmware will likely be locked out of user access, until a ransom is paid to a target internet address. Further users with malicious intentions can simply steal data for identity theft, or delete all files as part of nefarious objectives. Commonly referred to as Picture Transfer Protocol (PTP), such flaws can be particularly sensitive in nature
How can users stay safe?
To begin with, users of all cameras should look out for patches that will be released by all camera manufacturers in response to the disclosure of the PTP vulnerability. With the hack having been demonstrated with a Canon EOS 80D DSLR, the imaging company has already released a patch for its firmware, which can be downloaded here. Furthermore, it is always good practice to use the camera's Wi-Fi setup as the access point and connect your smartphone to the camera's network, which creates an intranet of sorts.
Despite not being fail-proof, it is still more secure than connecting to public Wi-Fi hotspots — something that hackers often track in order to detect vulnerable Wi-Fi SSIDs. Finally, users should remain cautious as far as possible, and use the in-camera Wi-Fi only when a file transfer is being made, or other features are being used. As long as it is not necessary, it is good practice to refrain from using the camera with the Wi-Fi turned on.