Check Point Research, its research department Check Point Software Technologies Ltd., revealed that the connectivity of modern cameras with Wi-Fi as well as the use of the USB ports they have, makes them vulnerable to attacks from ransomwares and malwares.
It is well known that modern cameras no longer use film for shooting and recordingtreatment εικόνων, η Διεθνής Ένωση Βιομηχανίας Απεικόνισης (I3A) ανέπτυξε ένα τυποποιημένο protocol, γνωστό ως Πρωτόκολλο Μεταφοράς Εικόνας (PTP), για τη transport ψηφιακών εικόνων από τη φωτογραφική μηχανή στον υπολογιστή. Το συγκεκριμένο πρωτόκολλο, αρχικά επικεντρώθηκε στη μεταφορά εικόνων, πλέον όμως έχει εξελιχθεί ώστε να περιλαμβάνει δεκάδες διαφορετικές εντολές που υποστηρίζουν τα πάντα, από τη λήψη ζωντανής εικόνας έως την αναβάθμιση του firmware της κάμερας.
Check Point Research decided, using a camera, to exploit the vulnerabilities of the protocol in order to infect the camera. For the purposes of the survey, Check Point used the camera DSC 80D SLR, which supports both USB and Wi-Fi, identifying critical vulnerabilities in PTP. Since the protocol is standardized and integrated into other camera brands, Check Point believes that similar vulnerabilities can be found in other vendors' cameras.
"Any 'smart' device, including DSLR cameras, is vulnerable to attack," said Eyal Itkin, Security Researcher at Check Point Software Technologies.
Cameras are no longer simply connected to USB, but to network Wi-Fi and the environment that accompanies it. This makes them more vulnerable to threats, as attackers can inject ransomware into both the camera and the computer it's connected to. Photos could potentially be intercepted or "locked" until the user pays a ransom to "unlock" the material.
The following are tips for users to protect their cameras from related threats:
- Make sure your camera uses the latest firmware and install updates if available.
- Turn off camera Wi-Fi when not in use.
- When using Wi-Fi, prefer to use the camera as a Wi-Fi access point instead of connecting your camera to a public Wi-Fi network.
Check Point Research briefed Canon on the vulnerabilities and the two companies worked together to address them and close the security gap. Canon launches 'update' as part of an official safety directive that has been released so far Αγγλικά as well as in Ιαπωνικά.
For more information on how to conduct the survey, please visit https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera.
_________________
- Windows 10 resize virtual memory
- Digital steganography: What is digital steganography?
- Viral the Santorini light, only 2018
