The DSLR cameras of Canon are vulnerable to a remote attacks through the image transfer protocol that they use, as detailed in a summary the security brand Check Point Software. It is not discarded that the problem affects other brand of digital reflex as well.
The transfer protocol of standarized images (PTP) is not authenticated and can be used with wi.fi and USB and for that is an ideal method to bring malware, specially Ransomware, a true outbreak for the worldwide cybersecurity.
In a video, investigators from Check Point show how to exploit this vulnerability on a Canon E0S 80D through a nearby wi-fi network and to cypher the images of the SD card not allowing the user or the profesional to access them until they pay an economic amount as a “rescue”. A big problem because these DSLR are usually used in professional groups. And or you pay or u lsoe them if you don’t have security backups.
Check Point says that they revealed the vulnerability to Canon in March and both began to work on May to develop a patch. Last week, Canon emited a security report recommended to their users that avoid the use of non secure Wi-Fi networks, that the switch off the net conectivity when they are not using it and that they update and install the latest security patches that solve the problem in some models.
And not only Canon. “Due the complexity of the PTP protocol, we believe that other suppliers can also be vulnerables, although, it will depend of their respective implementation”, warned the investigators
Ransomware: a threat
Ransomware is the main threat of malware in the major part of the member states of the European Union, as written in the security report of Europol in 2018. The attacks under this cyber attack method are more numerous, sophisticated, dangerous and massive, like we saw with WanaCryptor, a well planified and structurated attack with the objective of achieving a massive infection on a global level, trapping a big number of the big companies of dozens of countries.
As we see in the DSLR of Canon, it is becoming more frequent and more dangerous as the focus of the attackers now are moving further of the Pcs to the smartphones or tablets, digital assistants and in general, any kind of device connected to the network.
According to the last report of Malwarebytes, the Ransomware grew a 200% in the business sector the first trimester in 2019. Although, depending of the type of the Ransomware and the grade of the cypher used, it exists some public tools to decypher them, in the major part of the times for the clients, there’s no other solution than format the computer/device with the following waste of time and the data and archives if we dont have backups.