Money come from, I have your images! Ransomware to cameras

The news of a clever hack that allows people with bad intentions to encrypt the photos taken by various Canon DSLRs and release them only after payment of a ransom just make the rounds of the media. How great the danger is actually - for Canon photographers as well as for lovers of other brands? Read more about ransomware on cameras.

Ransomware auf Kameras
Ransomware on cameras: care, your camera has been hacked and encrypts all recordings! (Source: Check Point Research)

First of all: Do not worry, it's actually nothing happens. The hackers of the Canon EOS 80D (and many other Canon DSLRs) were of the benign nature - those with the white hat. The White Hat Hacker Eyal Itkin Check Point Research, the photographer with the community recently his presentation has startled the vulnerable spot of the Canon models had dutifully immediately reported to the manufacturer and Canon so given the chance to resolve the issue with firmware updates - owner of an EOS model should check whether there is a firmware update for your camera and this install a timely manner.

A malicious hacker could get serious (with the black hat) and the recording of all accessible via wireless Canon EOS cameras encrypted - combined with the threat to release them only after payment of a ransom. Especially professional Canon photographers would probably received it, for a portion of the fee to be paid a hacker would undoubtedly be better than to stand in front of a customer without pictures.

What ever happened? For many years, digital cameras use the PTP protocol for transmitting image files between the memory card in the camera and a computer. This protocol does not include any special protections, because after it was originally intended to transmit images via a USB cable. The data flow from the device at one end of the USB cable to the other, and third parties have access to it. Today, many camera models also support a conversation in the radio network, the PTP protocol uses the TCP / IP standard. Without a 1-to-1 connection via cable, it is much easier to gain access for a hacker, and the PTP protocol sets the no resistance.

Ransomware auf Kameras
Ransomware on cameras: Magic Lantern reveals the structure of the firmware, which is also dangerous hacks allowed. (Source: Check Point Research)

Thus, namely to send pictures back and forth, but still no great danger would be associated. Serious it is, however, if an attacker modifies the firmware of the camera, because then he can take complete control and, for example encrypt image files so that the photographer no longer has access to it. With cameras of most manufacturers that would have been a big challenge because the firmware is not publicly documented. Canon is an exception, because the firmware of their camera provides the ability to expand it by loaded from the memory card modules. The Magic Lantern project has disclosed the interfaces of the firmware, which allows extremely useful modifications and extensions, but hackers will also show the way how to inject malicious code into the firmware. Eyal Itkin has developed Building on his hack, which modifies the firmware using a PTP transmission in the WLAN. The details did he described in his blog.

And now? Canon photographers the matter is clear. Most can close the vulnerability of their cameras with a firmware update; for a few models, the update is still in progress. But what about the cameras from other manufacturers? The PTP protocol is supported by virtually all and WLAN modules can be found in many models. Whether it everywhere is a similar vulnerability as Canon, only the camera manufacturers to know yourself, and you can assume that they check their firmware on it and, if necessary, protect against similar hacks.

Canon photographers have often envied that the firmware of their cameras is modifiable - often against the will of the manufacturer had, for example, at the time deprived of affordable EOS 300D some features of the more expensive sister EOS 10D, which then connect to an unauthorized firmware were upgraded extension. The firmware of other manufacturers is a black box; no one knows their structure and they must take it as it is. After it is not managed well well-meaning hackers to extend the firmware of these manufacturers, chances are slim that it someone else will succeed. Anyway: Insurance of the manufacturer's own camera that is already taken care of, either for the safety of the firmware or update these manufactures would be welcome, certainly.

show more

Michael J. Hußmann

Michael J. Hussmann is a leading expert in the technology of cameras and lenses in Germany. He studied computer science and linguistics and worked for some years as a scientist in the field of artificial intelligence.

Similar articles

write a comment

Back to top button