Whether you use Skype, Zoom, or Microsoft Teams, the webcam on your laptop device or home PC has probably never been as active as it is during this epidemic.
Most of us have a camera built into our tablet, phone, laptop, or a desktop webcam we use for study, work, or virtual socializing.
Unluckily, this privilege can leave us defenseless to an online attack known as camfecting. This is when hackers gain control of your webcam distantly. They do this by inactivating the “on” light which usually specifies the camera is active – so victims are none the cleverer.
Many of our device cameras stay unsecured. In fact, research has recommended globally, there are over 15,000 web camera devices (including in businesses and homes) readily available to hackers, without even requiring to be hacked.
Take a tip from Mark Zuckerberg
When your laptop is switched off, its webcam can’t be activated. Though, many of us keep our laptops in sleep mode or hibernation (which are different). In this case, the device can be wakened by a cybercriminal, and the camera switched on. Even Mark Zuckerberg has confessed he covers his webcam and covers his microphone.
The number of recorded cases of image captured through unauthorized webcam access is comparatively low. This is because most attacks happen without the user ever realizing they’ve been compromised. Therefore, these attacks go unaccounted for.
It’s important to contemplate why someone would opt to hack into your home device. It’s doubtful an attacker will take images of you for personal blackmail, or their own disturbing exploits. Though these instances do eventuate, the majority of illegal webcam access is related to collecting information for financial gain.
Cybercriminals often try tricking people into believing they’ve been caught by a webcam hack. Daily there are thousands of spam emails sent in an effort to persuade users they’ve been “caught” on camera. But why?
Humiliating people for “inappropriate” webcam use in this way is a cheat, one which generates substantial ransom success. Many victims pay up in fear of being overtly exposed.
Most genuine webcam hacks are directed attacks to gather limited information. They often involve tech-savvy corporate groups conducting intelligence gathering and secret image capturing. Some hacks are acts of corporate spying, while others are the affairs of government intelligence agencies.
There are two general acquisition techniques used in camfecting attacks. The first is termed as an RAT (Remote Administration Tool) and the second takes place via false “remote tech support” offered by mischievous people.
Honest remote tech support usually comes from your retail service provider (such as Optus or Telstra). We trust our authorized tech support people, but you shouldn’t outspread that trust to a “friend” you hardly know proposing to use their own remote support software to “help you” with a problem.
An example of an RAT is a Trojan virus delivered via email. This gives hackers inner control of a device.
When a Trojan virus taints a device, it’s not just the webcam that is distantly accessed, it’s the whole computer. This means entree to files, banking, photos and a range of data.
The capability to install a RAT has been everywhere for several years. In 2015, a popular RAT could be bought on the internet for just US $40. The malware (harmful software) can be deployed through an email, flash drive or attachment.
Those wanting to learn how to use these tools need look no further than YouTube, which has many lessons. It has never been simpler for hackers.
Webcams are everywhere
Our homes are becoming “smarter” each year. In 2018, the average Australian home reportedly had 17 connected devices.
For example, there’s one or two laptops, three or four tablets and mobile phones, a home security camera system and a smart TV with a built-in camera for face recognition.
Add a distant video doorbell, a talking doll named My Friend Cayla, the drone helicopter you were gifted for Christmas, and the robot toy that trails you around the house – and it’s possible your household has over 20 IP accessible cameras.
To better understand your weaknesses you can try a product like Shodan. This search engine lets you to identify which of your devices can be seen by others via an internet connection.
Practice ‘cyber hygiene’ at home
Sticking a piece of black tape above a camera is one simple low-tech solution for webcam hacking. Turning your laptop or PC off when not in use is also a worthy idea. Don’t let a device’s hibernation, low power or sleep mode trap you into a false sense of safety.
At work you may have antivirus, firewalls and intrusion detection systems offered by your company. Such protections are not available for most of us when working from home. “Cyberhygiene” practices will help protect you from potential attacks.
Always ensure secure passwords, and avoid reusing old ones with added numbers such as “David 2019”, or “Manutd2020”. Also, ensure your antivirus and operating system software is repeatedly updated.
For all, use common sense. Don’t share your password (even your home wifi password), don’t click fishy links, and routinely unclutter your devices of unnecessary apps.
When it comes to using webcams, you may doubt if you’re ever completely safe. This is hard to know – but rest guaranteed there are measures you can take to give yourself a better chance.