If You Value Your Photos, Here's a Good Reason to Turn Off Your Camera's Wifi

By now, most people who spend any time online know the importance of ensuring their software is up to date, using an antivirus app, and avoiding the darker corners of the internet to avoid getting infected by malware that locks your files until a ransom is paid. But don’t assume it’s just your computer being targeted; your fancy digital camera and all your precious photos could be at risk as well.


In a report released by security firm Check Point Software Technologies for Def Con 2019, the company’s researchers used details revealed through Magic Lantern, a third-party firmware alternative for Canon DLSRs that unlocks additional functionality, to find and exploit vulnerabilities in the camera maker’s Picture Transfer Protocol that allows images to be transferred to other devices over a USB cable or wifi.

As demonstrated in a video using a Canon 80D DSLR with wifi turned on, the researchers were able to install ransomware directly onto the camera. This not only encrypted the contents of its SD card, including photos and videos, but also locked the camera itself, rendering it useless until a requested ransom is paid and an unlock code is shared with the affected user.

Thankfully, Check Point didn’t have nefarious intentions with this discovery, and its Canon ransomware isn’t out in the wild. Instead, the researchers contacted Canon about the vulnerability back in late March, well ahead of the Def Con reveal, allowing the company to release a firmware update for the 80D last week.

However, a wide range of Canon cameras could potentially be at risk; it’s safe to assume someone else is going to figure out which firmware vulnerabilities were exploited here. As a result, Canon has also issued an official security advisory addressing the researchers’ discovery, advising users to avoid connecting their cameras to unsecure networks or devices, disabling their camera’s network functions when not in use, and ensuring they’ve updated to the latest firmware for their shooter. If you use a Canon DSLR and haven’t seen a firmware update in a while, it’s probably an excellent idea to keep an eye on Canon’s support page until you do.


Tiago Mota

While the article is useful in itself, much like other articles coming from discoveries shown at DefCon, I believe another layer of information should always be present.

In the case of the Canon hack, it seems to require the MagicLantern firmware - which very few people use - and it requires the attacker to be on the same wifi of the camera. Those two caveats already reduce the real number of potential victims to a very low ammount.

I know a host of pro photographers, and only two of them ever used MagicLantern - most to check it out then to replace the original firmware. None of them use the wifi while out and about except when the absolutelly have to check the photo on a bigger and better screen right after shooting, which is rare, and when that’s the case they are usually on a P2P wifi with their computers, not on a public wifi. Other than that, people are weary of the battery usage the wifi has on the camera and mostly leave it off unless they are going to use it.

The article on the iPhone FaceID hack had the same issue: the potential victim would have to wear the glasses and hold still for a few moments for it to work. I guess if you are forced to wear the glasses and held still against your will, having your iPhone unlocked without your permission is the lesser of your problems.

So, digital security is important? Absolutely, no question about it. More people should be aware of security flaws on their devices? Yes, also no question about it. Is the regular person at risk of being hacked while photographing or using a smartphone at all times? Debateable. Let’s not get too paranoid.