Wednesday, August 14, 2019


Security Firm Demonstrates How Ransomware Can Hijack the Canon 80D – Company Issues Update

By Kehl Bayern 




 


Almost anything can be hacked if it uses software, and apparently Canon DSLRs are among those things you have to watch.

EOS 80D
from Canon.
A story traveling throughout the photography world is telling all of us Canon fans to update our DSLR software – and now – or risk being taken hostage by ransomware that can be installed via the camera’s Wifi connection. Check Point Research released a video showing how easily a Canon 80D could be hijacked by hackers and then held using ransomware that forces the user to pay a huge sum in order to have their device and its contents released. Long a problem plaguing computers and smartphones even, ransomware on a DSLR is new but probably something just waiting to happen.
Unveiled during Hacking Conference DEF CON 2019, Check Point Research demonstrated how Canon’s “Picture Transfer Protocol” had vulnerabilities that allowed for this kind of thing to occur. A report from PetaPixel states that “such an [infection] will allow attackers to do whatever they want with the camera, and infecting it with Ransomware is only one of many options.”
Canon just happened to be the focus of this exercise, but Check Point thinks there are other makes other there with vulnerable devices. To quote, “Based on our results…we believe that similar vulnerabilities can be found in the PTP implementations of other vendors as well.”
Before making their results public, the group shared their data with Canon to allow the company time to make a patch to overcome the flaw. That’s why this revelation came out alongside an update for Canon’s affected DSLRs so quickly – and we’re pretty grateful they chose that route to take. Unfortunately, the patch out there now is for the 80D as shown in the demonstration video. Until the company can update the protocol for all of its DSLR cameras, it has some advice that you can read here.
As always, we’d love to know your thoughts on this story. How scary is the thought of having your DSLR held for virtual ransom? Pretty terrifying, honestly. Let us know your feelings in the comments below.

Share this article.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.