You have probably already seen articles about the possibility of Canon cameras being hacked through WiFi. If this were to occur, it would be possible for a remote hacker to encrypt the SD card in the camera and display a ransomware notice on the LCD screen.
This affects all Canon cameras with WiFi and Bluetooth capabilities. It can also be used against cameras attached by USB to computers that are infected with an applicable ransomware code or connected to an unsecured network. Interestingly, it was discovered through the use of Canon code information provided in Magic Lantern code. That's why the security firm was interested in Canon first, although with sufficient independent research, it should be possible on other cameras.
This was not discovered in the wild. The possibility of such an attack was discovered by a security company and shared with Canon in March. There have not been any reports of this attack actually occurring.
I personally think the chances of this actually happening to someone is pretty unlikely--it's not simple and takes both intentional targeting and a number of chance factors to add up in the favor of the attacker.
Canon has provided a firmware update so far for the 80D with more to follow in due time.
Basic security protocols suggested by Canon should provide protection:
- Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
- Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
- Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
- Disable the camera’s network functions when they are not being used.
- Download the official firmware from Canon’s website when performing a camera firmware update.
Canon official notice
Check Point Software Technologies, Ltd. Video
