In the world of technology, we’ve been dealing with spyware and ransomware attacks on our devices for years. Gadgets like Android and Windows based mobile phones and laptops have long been a risk factor for hackers, but have you ever wondered if this could happen to your digital camera as well? Well, a recent study conducted by Checkpoint Research has shown that digital cameras can also be vulnerable to ransomware attacks.
The study was conducted by Check Point Research’s Yale Itkin, who described the whole process of how the hack was performed. Itkin chose to use a Canon EOS 80D DSLR because Canon is a popular brand and that particular camera supports USB and Wi-Fi. Itkin was able to hijack the camera using PTP or Picture Transfer protocol, which is usually used by the camera to connect to the computer and if not usually encrypted. The report states that ransomware can be uploaded to the camera via USB (if the host computer already has malware) or by tapping directly into the camera’s inbuilt Wi-Fi (provided the camera is close enough to you). Itkin even shot a short video showing how to do this easily via Wi-Fi.
Now, unlike our phones and laptops where we may have a lot of sensitive information like your home address or credit card details, you will not have a camera. However, it will include photos of your family vacation and others that you may not want to see the world. By installing ransomware, hackers can encrypt your photos so the only way to access it would be through a decryption key, for which, they can claim a certain amount of money. Depending on how sensitive or badly you want the photos, victims will probably be willing to pay.
Itkins reached out to Canon about the vulnerability in March and now that the report has been made public, Canon has issued a statement warning users to avoid connecting their cameras to open public networks and to disable Wi-Fi if not needed. The hack has so far been proven to work on a Canon camera, but there is a good chance that other cameras may be weaker than other manufacturers.