5

Increasingly, I hear of hackers gaining control over digital devices for their own gain or merely to be a nuisance.

I don't know but suspect that when tethered to another device such as a computer, malware can be unknowingly passed. Blue Tooth might also be a conduit to the camera logic. Maybe something is hiding in the "cloud" to be downloaded? Either way, I've decided to repatriate anything in the cloud to something back here on Earth.

Has anyone knowledge or experience if this is a distinct possibility? I'd be interested.

UPDATE: My brother sent me this link to checkpoint software pwning a camera over wifi in less that a few seconds.

Tags suggestions appreciated.

  • vtc b/c This question only incidentally involves camera equipment and is not relevant to the use of such equipment for photographic purposes. Any device with a processor can potentially be hacked. –  Aug 11 '19 at 20:58
  • 2
    Since you know the answer, it's clear that this isn't really a question but really meant as a discussion prompt or even just a notice. This site is not really meant for that kind of thing. – mattdm Aug 11 '19 at 22:09
  • 1
    @mattdm Mea Culpa. This started as a conversation with my brother about possibilities. We decided that I would post the question here and he would look around his sources. Circumstances brought everything together. I'm not sure if it's on or off topic other than how to protect one's gear. How to protect one's gear in the rain might be on topic. I think viruses are as ubiquitous as rain. QED. Yes? No? –  Aug 11 '19 at 22:24
  • 4
    I think this is on-topic. Like it or not, cameras are now computers (just like phones). Care of a camera should be on-topic, and care of a modern camera includes protecting against malware. Having said that, I don't think ransomware on digital cameras running proprietary firmware is a thing. –  Aug 11 '19 at 22:34
  • This is a computer security question that is as topical as would be a question about securing a laptop that is primarily used for editing photos. –  Aug 12 '19 at 03:43

6 Answers6

16

From the OP's link… or more precisely from the security report the tweet is linked to - Check Point Research Reveals Modern Cameras’ Connectivity to Wi-Fi Make Them Vulnerable to Ransomware and Malware

Here are some things camera owners can do to avoid being infected:

  1. Make sure your camera is using the latest firmware version, and install a patch if available.
  2. Turn off the camera’s WiFi when not in use.
  3. When using WiFi, prefer using the camera as the WiFi access point, rather than connecting your camera to a public WiFi network.

That third point is the one - if your camera is the access point, then before you can even start to try to hack it you first need to hack into the access point. WPA2 is not impossible, but certainly not easy to hack. Once past that you would need to try to side-load the specific hack for that specific model of camera.

All the time you were doing this you'd have to be within 15m of the photographer.

Defcon does this kind of thing every year - it exposes weaknesses to make manufacturers change their practices, long-term. The thing is that you get good brownie points for finding a new exploit. It doesn't have to be one that's easy or even likely, it just has to be possible.
Cue crowds of cheering pen-testers.

As with all good white hat hackers, CheckPoint first told Canon about the exploit they had found & didn't make it public until after it had been patched.
Canon - Regarding the security advisory for Canon digital cameras related to PTP (Picture Transfer Protocol) communication functions and firmware update functions

  • I gather this includes Bluetooth. As far as you are aware, are there any other means to gain access to my box without my knowledge and permission? Thank you +1. –  Aug 12 '19 at 13:44
  • There is no mention of Bluetooth in the report at all. –  Aug 12 '19 at 13:51
  • And remember that Canon already patched those vulnerabilities, that exploit is no longer viable, improbable as it was. –  Aug 12 '19 at 16:54
  • 3
    @FábioDias It's not viable on cameras which have had the updates released and actually installed by the users and it won't be viable on future cameras. But there's probably still quite a few cameras that are vulnerable because they're no longer supported or their owners haven't and might never update (and this may include some that are still in boxes on store shelves, depending on when Canon pushed the update and how long it's been since the cameras left Canon's control). – 8bittree Aug 12 '19 at 18:21
5

Everything is hackable. There is no protection that cannot be circumvented, assuming that the data/device is in working/accessible condition.

The point is if is worth the effort. Arguably, there is little to be gained from getting access to a dedicated camera. A mobile phone would be far more profitable, more information, more entry vectors. It could even be used as an entry vector to other accounts/networks/devices.

Even thinking in ransomware scenarios, most photographers, from amateur onwards, usually rotate several SD cards. If you encrypt one, I'd just be sad I lost some pics, format it and move on. Then consider that all wireless connections of my camera are usually off (battery saving) and when I turn it on, it is for short periods of time (not many sniffing opportunities). And you can't really do it remotely, the hacker must have some sort of physical proximity... not trivial...

Fábio Dias
  • 167
  • 1
  • Let me put it another way. Many come here without a clue about wireless connection much less how or where in settings it might be located and what it might be called. Some come here who cannot get their gear to work. It is for the lion's share of photographers who have gear too sophisticated for their understanding but not their pocketbook. I was hoping for more specifics. –  Aug 12 '19 at 02:37
  • Take a peek at the link. Your camera is locked. Changing the card does nothing. It's BRICKED. How to minimize the possibility is what we're (speaking collectively for anyone who has a DSLR) wanting is best avoidance/minimization of the possibility. –  Aug 12 '19 at 00:54
  • Turn off the wifi/bluetooth. Can't get in without an entry vector. But you are missing the point, this was always possible. Even with wireless off, that is still possible, just more difficult. Once what you have on the camera is valuable enough to be worth the effort, someone will get access. And probably not bricked, you can still write over the firmware with sideloading. –  Aug 12 '19 at 01:09
  • 4
    @Stan that's why the manufacturer puts the manual in the box (or on the website), since that information is model-specific. Beyond "turn off your wireless, mind your gear" this subject becomes a subfield of CS called "cybersecurity", which I only know very superficially, despite my CS degrees... I do not believe this is the proper venue to get past the superficial, especially because of the myriad of different ways these connections are established... –  Aug 12 '19 at 03:41
  • 2
    At risk of repeating myself… Notwithstanding your credentials… Instead of giving me all of the subterfuge, why not explain to me (and others) In your answer… How best to protect it. Richard Feynman once said, If you can't explain something in simple terms, you don't understand it. –  Aug 12 '19 at 13:41
  • 6
    He also notably said, "Hell, if I could explain it to the average person, it wouldn't have been worth the Nobel prize." –  Aug 12 '19 at 14:45
  • 3
    @Stan Use film. Hard to remotely hack pure analogue. – Chronocidal Aug 12 '19 at 14:45
  • 1
    @Stan Because the basics (turn off wireless, mind your gear) were already covered (both by answers and comments), and I'm trying to convey an orthogonal aspect of the risk/reward analysis that the "perpetrator" would consider. If the rewards outweigh the risk/cost, it will happen. That's how real security works, you adapt your countermeasures to the credible/probable, based on how much your data is worth. That's not only for cyber, think of your house padlocks, the lawn fence, bedroom vault, etc.. –  Aug 12 '19 at 16:53
4

The video in your link seems to refer to this exploit where a Canon camera is attacked using vulnerabilities in the PTP implementation. This requires a data connection between the camera and the attacker: either via USB or WiFi. The camera would then accept and execute a firmware image which then can do anything, including encrypting the photos, sending them to the attacker, and bricking the camera itself, all of which can be used to collect ransom.

One important aspect of firmware viruses is that once infected, the device can never be fully trusted again: the process of updating firmware is controlled by the firmware itself, so sending a known clean firmware to the camera cannot guarantee that the device really accepts it without persisting any of the malicious code.

The good news is, firmware infections are known for at least half a decade now, but they never became mainstream. The costs of such attacks are too high to target regular users, so unless you are taking photos inside a nuclear facility in Iran, such an attack is quite unlikely. What is likely is getting your camera's storage infected with a regular PC virus.

Both attacks require a way to get the malicious data into your camera in the first place, so if you keep the wireless interfaces disabled and don't plug your camera or the storage cards into untrusted computers, there's nothing to worry about.

Dmitry Grigoryev
  • 10,152
  • 1
  • 27
  • 56
  • 1
    Technically, there might be JTAG interfaces accessible under the cover, allowing firmware-independent firmware updates. Or non-overwritable bootloaders. Or going full Rossmann and desoldering and reprogramming the flash chips :) – rackandboneman Aug 13 '19 at 11:29
  • The last paragraph means more to the average photographer than your fine introduction. Still, if I told that to my brother, his eye's would gloss over and he'd probably not give it another thought until it happened to him. +1 –  Aug 12 '19 at 13:49
2

There are a few assumptions that go into the CheckPoint demonstration hack. Note that so far as I'm aware, this isn't a hack that is "in the wild" - this is a "white hat" hack where a ethical hacker tests the security of the device.

In ethical hacking, the findings are not immediately announced to the public. Instead, they inform the product vendor of the finding and provide them ample opportunity to produce a fix. Canon was notified and a fix is already available for the camera in question.

As someone who does work in the security field I can make a few general statements.

  • There are many vulnerabilities that are detected by ethical people and where a software fix is made available prior to any unethical people learning about the exploit. Most of the time, this is how things work. But ...

  • This comes with a consequence. Once a vendor makes a fix available, malicious hackers can compare the patched vs. unpatched software to see if they can work out what had to change. This provides them some clues as to where they might find the vulnerability. Once they find the vulnerability, then can build software to exploit it.

  • This means that the security fix itself ... clues in unethical hackers about the vulnerability and gets them busy trying to build an exploit. But this takes time. It might happen in just a few days.

  • THIS means that once a security patch is available, you really should make it a priority to download and install the security patch as soon as possible (preferably within just a few days). If you do this, your device will be patched from that particular vulnerability before any exploits show up in the wild.

  • Trouble happens when security patches have been available for months (or years) and people don't bother to install the necessary updates. If you do not want to install feature updates ... that's one thing. But you should make a special effort to keep up with security updates.

Malicious hackers are regularly trying to build exploits against computers (operating systems & applications). But home electronics devices, such as home routers, security cameras, etc. -- anything with an Internet connection -- are particular ripe targets because often these devices are often a bit too casual about the security aspects of their design. They make mistakes that software vendors used to make 20 years ago when they did things such as having well-known default passwords -- or storing or transmitting sensitive data in-the-clear.

I have a home security camera (a doorbell camera) that stored the WiFi network password in-the-clear such that a malicious hacker would be able to retrieve the password and use the information to get into the home network.

While many of us have several devices that can be internet-connected in our homes, I typically choose to network these devices via "wired" connection if that's an option. This isn't just safer from a security perspective, it's also more reliable because you aren't competing for bandwidth with neighboring wifi networks.

A traditional photographic camera is a bit of a special case because the camera does not need any network connection to perform its function. The WiFi or Bluetooth option is usually just there is an option to allow remote functionality and/or to transfer files. I transfer files by removing the memory card and inserting it in the computer (it's much faster) and only use the WiFi feature if I'm away from home and don't have my card reader with me.

But as a more generalized answer ... there are more and more Internet of Things devices that need a WiFi connection in order to work. If the vendors of these products are not experienced at how to secure their products (and many are not) then they leave consumers vulnerable to these sorts of attacks.

Keep your products up-to-date ... especially for security updates.

Tim Campbell
  • 241
  • 1
  • 4
  • "things such as having well-known default passwords". Used to be that the world's largest provider of free wifi was Linksys with their universal default password. =) – scottbb Aug 13 '19 at 17:23
0

I think you have just cause to be concerned. As stated by Fabio, everything is hackable. If you are press photographer, wedding photographer or are in the public arena as a competeitive photographer in any aspect, you should not activate wifi or you should use a body without the option. The risk of losing your own work to a competitor is too great. Can you imagine shooting a wedding and not selling any prints because someone stole everything that you shot straight from your own camera without your knowledge? Unless you absolutely need it, turn off wifi.

  • 1
    Can you cite even one instance where this has happened? I sincerely doubt professional photographers would use wifi anyways on location as they take a lot of photos and bandwidth is too low. –  Aug 12 '19 at 01:57
  • 1
    No, not personally, but that doesn't mean it doesn't happen or won't happen. Everything is hackable. As far as a photogs habits are concerned, I won't presume to know how everyone shoots. If the wifi is turned off, though, the door is closed to hackers or it becomes much harder to without being noticed. –  Aug 12 '19 at 02:09
  • @EricShain My niece thought it would be cool to have all of the photography at her wedding streamed to a site where remote viewers could 'attend.' It was wildly successful and as far as I know imitated. –  Aug 12 '19 at 02:26
  • You "missed" the other half of the idea. It's a cost/benefit analysis. If your camera has nuclear launch codes and a state agency gets wind of it, they will get access to it, regardless of any precautions you take, short of termite. Wedding photos, meh. The amount of work/risk to actually do something like that in this context is borderline prohibitive... Not to mention the knowledge and gear necessary.. –  Aug 12 '19 at 03:45
  • 1
    no, not everything is hackable. Take my old Nikon D200. It has no wifi, no bluetooth, no 3G. The only way to get into its brains is to have physical access to the device and even then you'd need to crack open the case and install some extra hardware. My newer D7500 has WiFi and Bluetooth, but only acts as a base station itself, and will only communicate with Nikon's own software when doing so. Maybe a man in the middle attack is possible, but highly unlikely. – jwenting Aug 12 '19 at 11:01
  • @Stan Are you sure it wasn’t video being live streamed? Wedding photographers don’t show their work until it’s been edited in my experience. –  Aug 13 '19 at 01:42
  • 2
    @FábioDias You are 100% correct: obligatory XKCD – FreeMan Aug 12 '19 at 15:54
  • 1
    @FábioDias which wouldn't allow "hacking" in order to make the camera do things it's not supposed to, as is the intended meaning. Simple theft is something else entirely. – jwenting Aug 13 '19 at 03:25
  • @jwenting You just, literally, explained one way to get access to your D200. Access doesn't need to be high-tech, or tech at all, might be just bonking you in the head and taking the SD card.... –  Aug 12 '19 at 11:29
0

I am not a hacker but as programmer, I think there is not profit for such action. However it can be done. There is a lot architectures for cameras. They do not use same firmware, same hardware, same properties, etc. So writing a malware could be very very expensive. Recently, by improvement in cameras they can run limited version of operating systems. For example my canon 60D has firmware based on linux. I should note that many of electronic devices may have linux based os for better upgrades and better connectivity with peripheral devices. So the risk of be attacked by ransomware or any malware is increasing, while it is still too low to pay attention. Many of camera hardware breakage are based bad user operation not viruses, for example ejecting memory card without safe removing, ejecting memory card while camera is capturing, or using low quality memories. If some one steal your data or remove them when your camera is connected to a computer, you should worry about computer protection not camera

  • 2
    For example, meteor hits camera? Probability: very low. Impact: need to buy new camera. Mitigation: plan to buy a new camera at some point. Similarly, for example: theft of camera? Probability: likely low to medium, depending on use. Impact: need to buy a new camera, possible loss of images on card, possible psychological stress. Mitigation: keep the camera near yourself when in an untrustworthy setting, possibly don't advertise the fact that it's worth $$$$$. And so on. (Note that these are only examples, for illustrative purposes. If it matters to you, you should do your own risk analysis.) – user Aug 13 '19 at 09:43
  • 1
    @FábioDias You just considered the threat of rogue meteors. You likely quickly concluded that the risk of that is very low and that therefore no specific mitigations are required in your case, but you still considered it. For a proper risk analysis, one would consider the probability and impact of every threat one can think of (including far-fetched ones), and then use the outcome of that analysis to decide what actions to take to mitigate which threats. – user Aug 13 '19 at 09:43
  • 2
    "I think every threat must be considered" That is just plainly wrong. You can consider only credible/probable threats. Otherwise, rogue meteors... –  Aug 12 '19 at 16:46
  • @aCVn Issue: meteor hits camera while in my possession. Probability: very low. Impact: dead. Mitigation: not my problem. =) – scottbb Aug 13 '19 at 17:27
  • 1
    You're rationalizing reasons for not considering this as a threat out of apathy or ignorance. I think every threat must be considered. You're probably too young to remember the "Merry Christmas" computer virus (the first one) written by Richard Brandow. Until that time, computers were thought to be infallible. That's why he wrote it. He became the first tech guru for the CBC nearly fifty years ago. –  Aug 12 '19 at 13:17
  • 1
    @scottbb I see you're getting the idea. :-) (Though usually for high-impact events, you'd typically want some mitigation even if the probability is rather low. That said, for that particular one the camera isn't much related to the event. :)) Basically, this is what insurance companies do all the time... – user Aug 13 '19 at 18:57