There has been a camera security threat highlighted, and Canon has issued advisories for 30 vulnerable products, and warns that other manufacturers may be affected.

The affected camera models are at risk of being infected by ransomware and malware, where cyber-attackers can hold content taken on the camera to ransom. The vulnerabilities were discovered by Check Point (a cyber security firm), whom alerted Canon about the problem affecting products across its mirrorless, DSLR and compact camera ranges.

Check Point used the Canon 80D to highlight the issue and have released a video demonstrating how easy it is to exploit holes in the standard Picture Transfer Protocol (used to transfer files from cameras to PCs). They have warned it can infect both the camera and computer!

 

Canon instantly released a product advisory, along with a firmware update for the 80D. It also confirmed that 30 of its cameras are susceptible to attack, from professional bodies like the 1dx II, to the EOS R and the G5X Mark II.

The affected Canon products are listed below, and Canon will issue firmware updates in due course to patch the issue:

Canon EOS-1D X
Canon EOS-1D X Mark II
Canon EOS-1D C
Canon EOS 5D Mark III
Canon EOS 5D Mark IV
Canon EOS 5DS
Canon EOS 5DS R
Canon EOS 6D
Canon EOS 6D Mark II
Canon EOS 7D Mark II
Canon EOS 70D
Canon EOS 80D (firmware available for download)
Canon EOS M10
Canon EOS M100
Canon EOS M3
Canon EOS M5
Canon EOS M50
Canon EOS M6
Canon EOS R
Canon EOS RP
Canon EOS Rebel SL2
Canon EOS Rebel SL3
Canon EOS Rebel T6
Canon EOS Rebel T6i
Canon EOS Rebel T6s
Canon EOS Rebel T7
Canon EOS Rebel T7I
Canon PowerShot G5X Mark II
Canon PowerShot SX70 HS
Canon PowerShot SX740 HS

“Any ‘smart’ device, including DSLR cameras, are susceptible to attacks,” said Eyal Itkin, Security Researcher, Check Point Software Technologies. “Cameras are no longer just connected via USB, but to WiFi networks and their surrounding environment.

“This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to. Hackers could then hold peoples’ precious photos and videos hostage until the user pays a ransom for them to be released.”

Canon stressed that there have been no cases so far of malicious activity: “At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue.”

Full technical details of the investigation can be found here on the Check Point website.

 

We Can Update The Firmware On Your Camera For £19.95 – Click To Find Out More.

facebook
Blog

Tel: 01798 306599