It Was Only A Matter Of Time

[smoke665]

Before hackers went after cameras

Security researchers find that DSLR cameras are vulnerable to ransomware attack

 

[Jeff15]

This could only affect people who take particularly sensitive photographs or some other type of high value shot. I don't think I need worry......

 

[Original katomi]

Is nothing safe, as far as I know I don’t have WiFi on my camera, if I do it’s going to be disabled asap

 

[crf8]

I disabled mine to save battery life


FB.me/CRFinTN Facebook
www.flickr.com/crf8/

 

[smoke665]

This could only affect people who take particularly sensitive photographs or some other type of high value shot. I don't think I need worry......

That might be okay if the only images that are encrypted were the current images on the SD card in camera, but what I didn't understand is if the ransomware continues to encrypt images, which would make the camera useless.

 

[tirediron]

It would have to be pretty sophisticated to do that, it would mean actually altering the camera's software which I doubt is achievable for most of the sort of scum bags who would do this. I suspect that this is aimed at the people who buy huge memory cards and tend to leave hundreds, if not thousands of images on them rather than downloading. The worst I could ever lose would my current shoot.

 

[TreeofLifeStairs]

This could only affect people who take particularly sensitive photographs or some other type of high value shot. I don't think I need worry......

That might be okay if the only images that are encrypted were the current images on the SD card in camera, but what I didn't understand is if the ransomware continues to encrypt images, which would make the camera useless.

Right, that or, really they could do anything to the camera to make it unusable. It doesn’t have to be strictly encrypting images.

 

[Soocom1]

Zombie ware actually.
If it has an open I/O port open, its the memory and IP address that they are after.
IoT is a suckers valley and unfortunately the idiots who came up with the IoT didn't think evil would saturate a camera.

in reality malware and ransom ware is only part of the equation.
They don't need to do damage necessarily but instead use the camera as a port.

But also think of this. PLANTING pictures on a camera.
Lets say a certain North State opens up to tourism and decides it needs an excuse... This unnamed North state then via wifi sends planted pictures on a tourist's camera of sensitive location, like a Nuke test site that supposedly doesn't exist or pictures of someone in a compromising position(s) and they need a scape goat.

The implications are far worse than some may think, and older DSLR's like the the pre-50D and Nikon D50 types (HINT), would be fully vulnerable.

My 5D, 10D and Rebel XT are prime targets because they are PTP with no WIFi, but open to a USB. OR, plugging in the CF card and voila.... guess what happens!


Sorry folks, but even I didn't see this coming, but it tells me that unless you shoot film, your open to the proverbial unwanted love session.

 

[vintagesnaps]

Another reason to shoot film!

 

[smoke665]

it would mean actually altering the camera's software which I doubt is achievable for most of the sort of scum bags who would do this.

If a firmware update can alter the camera's software, then a malware or ransom ware can. Code is code, regardless the device. I will give Canon credit, according to the article they are already on top of it with a firmware patch that will supposedly block the hacker.

 

[smoke665]

But also think of this. PLANTING pictures on a camera.

Already here according to article. If you happen to leave your WIFI on in a popular tourist spot you could be infected without even knowing it.

 

[Soocom1]

Now think of gov. applications:
A police officer or Tax assessor, Code enforcement or other who uses the system in the manner prescribed.
Then as they are in the field, they take a picture and the camera is compromised. Then they take the camera back to the office and voila..... instant access to Gov. system.


This is why they no longer allow us to accept flash drives at work for giving or receiving any data.

 

[Original katomi]

Re post 12. Can you images what the fall out would be if a crime scene had been photo,d and the images messed with..
In the past I have used sm mem sd cards 8 g on card per day or location so that if I had a duff card I would only loose so much... think I will get one of those rf card protectors for my sd cards

 

[Soocom1]

Re post 12. Can you images what the fall out would be if a crime scene had been photo,d and the images messed with..
In the past I have used sm mem sd cards 8 g on card per day or location so that if I had a duff card I would only loose so much... think I will get one of those rf card protectors for my sd cards

There is software available to LE and other Gov. agencies that is encryption type designed for what is sometimes called 'actual image verification" or some such verbiage.
The software records the date and time, metadata, et-al. Then that information is cataloged and used to preserve crime scene integrity.
But even that can and probably will be compromised at some point.

talking with the IT dept. today about this, they seem utterly clueless and IMO will have to learn the hard way.

but I guess you dont know how hot the fire is until you stick your hand in it.

 

[Grandpa Ron]

This is a lot of "what ifs". Yes all this technology exists and yes it is possible to do these things. However, it takes talent, equipment and money to implement.

Law enforcement, military and governments may commit the resources to hunt down or spy, on criminals, enemies, and other foreign powers. But are they really going to commit the time, effort and money to monitor your camera 24/7, day after day, to see what you are down loading.

I think my dog photo's and my landscape photos are pretty safe.