Singapore, @mcgallen #microwireinfo, August 13, 2019 – Check Point Research, the Threat Intelligence arm ofCheck Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, revealed that through the USB and connections to WiFi networks, today’s modern cameras are vulnerable to ransomware and malware attacks.
Since modern cameras no longer use film to capture and reproduce images, the International Imaging Industry Association devised a standardised protocol known as Picture Transfer Protocol (PTP) to transfer digital images from camera to PC. Initially focused on image transfer, this protocol has evolved to include dozens of different commands that support anything from taking a live picture to upgrading the camera’s firmware.
Check Point Research aimed to access the cameras and exploit vulnerabilities in the protocol to infect the camera. For the research, Check Point used Canon’s EOS 80D DSLR camera which supports both USB and WiFi, and critical vulnerabilities in the PTP were found. Given that the protocol is standardised and embedded in other camera brands, Check Point believes similar vulnerabilities can be found in cameras from other vendors as well.
“Any ‘smart’ device, including the DSLR camera, is susceptible to attacks,” says Eyal Itkin, Security Researcher, Check Point Software Technologies. “Cameras are no longer just connected to the USB, but to the WiFi network and its surrounding environment. This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to. The photos could end up being held hostage until the user pays the ransom for them to be released.”
Here are some things camera owners can do to avoid being infected:
- Make sure your camera is using the latest firmware version, and install a patch if available.
- Turn off the camera’s WiFi when not in use.
- When using WiFi, prefer using the camera as the WiFi access point, rather than connecting your camera to a public WiFi network.
Check Point Research informed Canon about the vulnerabilities and the companies worked together to patch them. Canon published the patch as part of an official security advisory in English and Japanese.
For more information about how the research was carried out, visit: https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera or https://youtu.be/75fVog7MKgg
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Check Point’s solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and advanced targeted threats. Check Point offers a multilevel security architecture, “Infinity Total Protection with Gen V advanced threat prevention”, this combined product architecture defends an enterprises’ cloud, network and mobile devices. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organisations of all sizes.