Camera Ransomware- Is Your Camera Affected?

Posted on the 17 August 2019 by Govind Vijayakumar @govindvkumar

Is your camera is affected by Ransomware? Security researchers recently found that digital cameras are prone to Ransomware by hackers. So, let us see how this Ransomware affects your camera and tips to avoid it.

Ransomware is a well-known threat to computer systems. Now, the threat is also applicable to your DSLR and mirrorless cameras.

How Hackers Put Ransomware on Camera?

It is Check Point Technology Researchers, who showed how hackers could install malware into a DSLR camera remotely. Researcher Eyal Itkin demonstrates it on a Canon EOS 80D DSLR camera, which supports both WiFi and USB for data transfer.

There are two ways in which Ransomware can get installed in your camera:

1.USB: When you use the camera USB port to connect your computer for transferring images.

In the case of USB photo transfer, it happens if the hacker has already hijacked the computer where you have connected the camera.

2.WiFi: When you use camera Wifi for Image Transfer.

The attacker would be using a rogue Wifi Access Point. They will sniff for Wifi Networks which usually gets connected to your camera Wifi.

They will fake this AP and gets connected to your camera automatically. Thus, they join the same camera network and installs the Ransomware.

What will happen to a Ransomware affected camera?

Once the hacker successfully put the Ransomware on camera, you will not be able to operate your camera anymore. Mostly, there will be a message displayed to pay some amount to make the camera operational again.

Even your photos in the camera memory card will be encrypted. So, you won’t be able to use those images.

Are Canon Cameras More Prone to Ransomware?

So, the question is why Canon cameras are more prone to the attack?

As you all know, Canon users have the option to load custom firmware called Magic Lantern on specific Canon camera models. Magic Lantern is an open-source community.

NOTE: If you load your camera with Magic Lantern software then your Canon warranty will get void.

Magic Lantern community maintains the documentation of Canon’s firmware architecture. So, it is easily accessible for hackers to understand firmware vulnerabilities.

Canon has published Official Security Advisory for their Digital cameras using the PTP protocol on 6 August 2019. You can find it here.

Is It Applicable to Nikon/Sony/Fuji Cameras?

Digital cameras use the Picture Transfer Protocol (PTP) for Image transfer (Wired and Wireless). It is a protocol standardized by the International Imaging Industry Association. So, all other camera manufacturers will be aligned with this protocol.

So, other digital cameras are also vulnerable to Ransomware. For other camera models, hackers may take some time to understand the firmware architecture, as it is not readily available. So, it is only a matter of time.

5 Tips to Avoid Ransomware Camera Attack

Even though the demonstration is done on a Canon camera, it applies to all other cameras which make use of PTP. So, I will share some tips which will help to avoid this Ransomware attack on cameras.

1. Don’t Connect Camera Wifi to Unsecured Networks

You might be outside your home or work location, and you may want to send the images. But, don’t connect your camera to any untrusted Wifi network for sharing pictures. Use only trusted wireless networks.

2. Don’t Connect the camera to Untrusted Computers

Connect your camera only to your personal/work computer. If you connect it to an unknown external computer for photo transfer, then you are risking your camera.

The external computer may be infected with a virus, or it may be connected to an unknown network. It makes your camera vulnerable to such attacks.

3. Switch OFF Camera WiFi when Not in Use

It is always good to switch off the camera WiFi when not in use.

It will not only help to save the camera battery life but also protects your camera from such attacks.

4. Use Card Reader for Image Transfer

Instead of connecting the camera directly to the camera, you can use a card reader to transfer the data.

Nowadays, most of the Laptops come with inbuilt SD card readers. So, you can take out your SD card memory from your camera and insert it to your computer to copy the pictures.

5. Use AntiVirus Software in Computer

Your computer may be connected to the internet when you are transferring images from the memory card. So, there is a chance that the virus or malware in your computer can load to your memory card.

When you put back the SD card into the camera, the ransomware may get installed. So, always use Antivirus software for your PC and make sure that it is updated regularly.

Conclusion

So, now you know, how Ransomware affects your camera and how to avoid it.

Next time, when you connect your camera for transferring pictures, make sure to do it in a safe environment. Thus you can avoid such camera security threats.