33 types of Canon cameras can easily be infected with ransomware

A few months ago a cybersecurity report revealed that at least 33 Canon cameras were exposed to the exploitation of some critical security vulnerabilities via WiFi or USB, which could lead to ransomware infections, compromising the files stored in the device’s memory.

Shortly after the release of the report it was confirmed that the issue (a vulnerability in a standard communication protocol) could also affect other companies’ products. Nearly half a year later, Canon mentions that 30 of its vulnerable cameras have already been completely corrected, although the flaw still persists on three popular models: Canon EOS R, Canon EOS RP and Canon PowerShot G5 X Mark II.

Full list of exposed cameras
SOURCE: Check Point

The report was presented by cybersecurity firm Check Point, including a proof-of-concept showing how to infect a camera (Canon EOS 80D) with encryption malware with relative ease by abusing some security holes in the Picture Transfer Protocol (PTP), a standard used in cameras and computers.

This is a standardized protocol and is present in the models of many other camera manufacturers, so the scope of the vulnerability has not yet been accurately determined. In the report, Eyal Itkin, Check Point’s cybersecurity researcher mentions: “We focus on Canon because of its predominant character in the market, however, it is necessary to mention that this protocol is present in virtually all cameras digital available.”

When the first report was published, Canon emphasized the fact that there were no known cases of exploitation of these failures in real-world scenarios. However, the International Institute of Cyber Security (IICS) points to the long time it took the company to release updates as a new risk factor for users. Firmware updates are now available (except for the three models mentioned above). Users should update as soon as possible to mitigate any risk. It should be remembered that this is a security issue inherent to most camera manufacturers, so users of other companies should consult with the manufacturer about safety risks and protective measures.