Webcam security: Understanding this modern day threat
FYI, this story is more than a year old
On June 21st, 2016, Mark Zuckerberg, Facebook’s CEO, posted a message on the social network, celebrating an Instagram landmark. The photo and video-sharing platform, which is owned by Mr. Zuckerberg’s company, is now enjoyed by more than 500 million active monthly users.
He said: “This is a tribute to Kevin Systrom and Mike Krieger’s vision, and to people everywhere who have opened a window into their world – from big events to everyday moments. Thanks for making Instagram such a beautiful place.”
So far, so good, and plenty of reason for the social network superstar to be happy. However, this seminal moment was quickly forgotten. Why? Well, there was what proved to be an interesting picture attached to the post, with Mr. Zuckerberg holding a cardboard cutout of an Instagram post.
Again, fairly rudimentary. However, behind him, on his desk, sat what is thought to be his personal MacBook. Not only was the audio jack covered with tape, so too was the built-in webcam. Needless to say, it caused quite a stir online. What was going on?
Webcam security: A very real thing
Our collective understanding of cybersecurity is improving slowly but surely. This is a positive thing, as the threat of cybercrime is growing by the day. So much so that security professionals have admitted to being very concerned by its rapid rise.
However, there are definitely some gaps amongst the computer using populace. One of the positive things to come out of Mr. Zuckerberg’s unintentionally viral Facebook post is that it raised awareness of webcam security and associated vulnerabilities, which has only very recently become an area of real concern in circles outside of the information security industry.
Moreover, in today’s increasingly connected, Internet of Things enabled world, it’s going to be more of a problem than it is today. In which case, we can all welcome the upswing in webcam security visibility, courtesy of the social network pioneer.
It started with coffee
The origins of the webcam are surprisingly quirky. Researchers at the University of Cambridge in the UK wanted to ensure that they could always guarantee they’d always be able enjoy a cup of coffee with little effort. However, with multiple individuals working on multiple floors, it was a game of luck – the pot was located in one location and it was not visible to most people. As such, the pot could be full, empty or somewhere in-between.
This proved to be rather disquieting to the researchers, so a couple of them decided to rig up a camera in the room to monitor the coffee pot. In turn, this could be observed by all concerned parties via the university’s internal computer network. This was the start. The web breakthrough came in November 1993, when Dr. Martyn Johnson built a script around the captured images.
“And so,” the BBC reported a few years ago. “It was that the grainy images of a rather grubby coffee pot in a university lab were written into computer science folklore, as the first ever webcam.”
Exploitation of webcams
Expectedly, this technology, which has since evolved to offer us online video conversations, remote conferencing capabilities and the ability to vlog, has attracted the attention of cybercriminals. If exploited, through the installation of a remote access tool, for example, it can offer unscrupulous individuals a high degree of ‘access’ to our homes and the most intimate and mundane aspects of our lives.
As with most successful malware, the victim is usually unaware that anything is amiss, meaning cybercriminals can spy on people from a remote location comfortable in the knowledge nobody knows what they are up to. And all because of a technology that is now a fundamental part of your smartphone, tablet or personal computer.
As independent security analyst Graham Cluley noted last year: “Virtually every computer sold today comes with a dirty little secret: it can spy on you. What’s more, if attackers can infect your computer with malware, they can hijack your webcam and secretly watch you too – regardless of whether they’re based down the street or on the other side of the world.”
However, in some instances, attackers will let their victims know that they have been watching them. Why? Well, in some instances, it’s to do with deviant behavior, as demonstrated by the case of Cassidy Wolf, an American model who was crowned Miss Teen USA 2013. In other instances, it’s to do with extortion – “we will publish intimate photos of you if you don’t pay us a ransom”.
Be inspired by Mark Zuckerberg
So, clearly we need to be more thoughtful when it comes to webcam security. Knowing what to look out for and what to do is increasingly important, because it can make a huge difference to how you respond to a situation.
“Imagine a situation where you are working on your laptop and all of the sudden the green light next to your built-in webcam blinks for a second and immediately goes dark again,” noted ESET’s security evangelist Ondrej Kubovič. “Would you just ignore it? Or would you start digging around to find out if it was something more serious?”
The main thing to understand is that when it comes to webcam security, you need to be proactive – change, for example, the default password, as this can easily be compromised by cybercriminals.
As ESET’s security Specialist Mark James stated in 2014: “Education is the key point here – the end user needs to be fully aware that a default password exists and easy instructions on how to change it.”
Another top tip is to cover your webcam (again, this requires you to take the initiative). While using tape, as Mr. Zuckerberg did, works, you’re probably better off investing in something that is more professional (and easy to use). This means you can simply cover your camera when it’s not in use.
We live in a world where innovation in technology is reshaping and enhancing the way we live. Smartphones let us do all sorts of things on the move, smart technologies let us talk to fridges and cars and webcams give us the opportunity to see more of our friends, family members and colleagues, even though they are far and wide.
Yet, at the same time, cybercriminals are always looking at ways of exploiting technologies, meaning our fridges, our cars and even our webcams are vulnerable to all sorts of attack. Yet, with a bit of effort, a security solution across all devices and vigilance, we can keep these threats at bay and enjoy all the perks that come with the latest gizmos.
Article by an editor for We Live Security