DSLR Firmware Flaw Can Leave You Vulnerable to Ransomware: Here's How to Stay Safe
Electronics & Gadgets  

A recent report by Check Point Software stated how hackers can easily transfer malicious software to DSLRs, thereby putting even cameras at risk of ransomware attacks.


A recent security report has revealed how even DSLRs at risk from malicious cyberattacks, showing just how far online hacking and thefts have come to. According to Check Point Software's presentation at the ongoing DEFCON, DSLRs which include Wi-Fi connectivity can be easily left vulnerable to ransomware and malware attacks, hence presenting the risk of financial loss or data theft even in an unsuspecting piece of hardware.
How can cameras be hacked?
The process is actually not all that complicated. Hackers can simply search for Wi-Fi SSIDs of cameras, particularly in prominent tourist hotspots. Given how DSLRs, mirrorless cameras and even premium compact cameras have become more accessible, it is likely that every tourist spot would include some cameras that include Wi-Fi connectivity. It is further important to note that Wi-Fi connectivity has steadily become more common in mainstream, semi-professional and professional cameras, which makes this flaw even more significant.
Once a Wi-Fi SSID is spotted, an attacker can then easily authenticate the connection from their end without knowledge of the camera owner, and transfer a malware that encrypts the plugged-in SD card that includes photographs that can be private, sensitive or simply emotional in nature. The reason why this can be done now is because of camera innovation itself — previously, Wi-Fi in cameras only allowed for one-sided transfer of images, from the camera to a smartphone or a laptop. Nowadays, Wi-Fi and Bluetooth are being used for more features such as using a smartphone as a viewfinder and remote controller, streaming live to social media, etc. This necessitates two-way transfer of data between the camera and the target device.
Once the malware is installed, the entire camera firmware will likely be locked out of user access, until a ransom is paid to a target internet address. Further users with malicious intentions can simply steal data for identity theft, or delete all files as part of nefarious objectives. Commonly referred to as Picture Transfer Protocol (PTP), such flaws can be particularly sensitive in nature


How can users stay safe?
To begin with, users of all cameras should look out for patches that will be released by all camera manufacturers in response to the disclosure of the PTP vulnerability. With the hack having been demonstrated with a Canon EOS 80D DSLR, the imaging company has already released a patch for its firmware, which can be downloaded here. Furthermore, it is always good practice to use the camera's Wi-Fi setup as the access point and connect your smartphone to the camera's network, which creates an intranet of sorts.
Despite not being fail-proof, it is still more secure than connecting to public Wi-Fi hotspots — something that hackers often track in order to detect vulnerable Wi-Fi SSIDs. Finally, users should remain cautious as far as possible, and use the in-camera Wi-Fi only when a file transfer is being made, or other features are being used. As long as it is not necessary, it is good practice to refrain from using the camera with the Wi-Fi turned on.



More in Electronics & Gadgets
Bajaj Pulsar 125 Neon Launched In India; Priced At ₹ 64,000

The Bajaj Pulsar 125 Neon is the entry-level model in the Bajaj Pulsar family, and will offer an affordable Pulsar with prices expected to go up for the 150 cc Pu...

Recently posted . 20 views

Jio GigaFiber plans to start from Rs 700 per month, offer 4K set-top b...

Jio has announced the GigaFiber commercial service in India. GigaFiber will launch on September 5 and will offer plans starting from Rs 700 per month.

Recently posted . 22 views

Keeping Women's Safety In Mind, Hyderabad Man Invents 'Smart Bangles' ...

A young man in Hyderabad has come up with a brilliant idea keeping the security of women in mind. 23-year-old Gadi Harish claims that he invented ‘smart ban...

1 week ago . 19 views

Google Admits Most Android Users Prefer Three Button Navigation And No...

Android Q, the next version of Android, will have gesture navigation as default but there will be the option to switch to the navigation keys.

1 week ago . 18 views



Thought of the day

Success is the sum of several small efforts repeated often day in and day out.