Whether you use Zoom, Skype, or Microsoft Teams, your home computer or laptop webcam has probably never been more active than during this pandemic.
Most of us have a camera built into our phone, tablet, laptop, or desktop webcam that we use for work, study, or virtual socializing.
Unfortunately, this privilege can make us vulnerable to an online attack known as camouflage. This is when hackers take control of your webcam remotely. They do this by turning off the “on” light which usually indicates the camera is active – so victims aren’t any wiser.
Many of our device cameras are not secure. In fact, research has suggested that there are globally over 15,000 web cameras (including in homes and businesses) easily accessible to hackers, without even needing to be hacked.
Take Mark Zuckerberg’s advice
When your laptop is off, its webcam cannot be activated. However, many of us keep our laptops in hibernation or sleep mode (who are different). In this case, the device may be woken up by a cybercriminal and the camera turned on. Even Mark Zuckerberg admitted that he covers her webcam and hides his microphone.
The number of recorded instances of images captured through unauthorized access to the webcam is relatively weak. This is because most attacks occur without the user realizing that they have been compromised. Thus, these attacks go unnoticed.
It’s important to consider why someone would choose to hack your home device. It is unlikely that an attacker will capture images of you for personal blackmail or for their own chilling exploits. While these instances occur, the majority of illicit access to the webcam is related to the collection of information for financial purposes.
Cybercriminals frequently try to trick people into believing that they have been caught by a webcam hack. Every day there are thousands of junk mail sent with the aim of convincing users that they have been “caught” by the camera. But why?
Shaming people for “improper” webcam use in this way is a scam, which generates considerable ransom success. Many victims pay for fear of being exposed publicly.
Most real webcam hacks are targeted attacks aimed at collecting restricted information. They often involve groups of tech-savvy companies collecting intelligence and capturing secret images. Some hacks are acts of corporate espionage, while others involve government intelligence agencies.
There are two common acquisition techniques used in attack camfection. The first is known as RAT (Remote Administration Tool) and the second is via bogus “remote technical support” offered by malicious people.
True remote technical support usually comes from your retail service provider (such as Telstra or Optus). We trust our authorized technical support technicians, but you shouldn’t extend that trust to a “friend” you barely know who offers to use theirs. remote assistance software to “help” you with a problem.
An example of RAT is a Trojan horse virus delivered by e-mail. This gives hackers internal control of a device.
When a Trojan horse virus infects a device, it is not just the webcam that can be accessed remotely, it is the entire computer. This means access to files, photos, banking services and a range of data.
The possibility of installing a RAT has existed for several years. In 2015, a popular RAT could be purchased on the Internet for only US $ 40. Malware (harmful software) can be deployed via email, email attachment, or flash drive.
Those who want to learn how to use such tools don’t need to look any further than YouTube, which has plenty of tutorials. It has never been easier for hackers.
Webcams are everywhere
Our homes are getting smarter and smarter every year. In 2018, the average Australian household would have had 17 devices connected.
Let’s say there are one or two laptops, three or four cell phones and tablets, a home security camera system, and a smart TV with a built-in camera for facial recognition.
Add remote video doorbell, talking doll named My friend Cayla, the drone helicopter you received for Christmas, and the toy robot that follows you around the house – and your household may have more than 20 accessible IP cameras.
To better understand your vulnerabilities, you can try a product like Shodan. This search engine allows you to identify which of your devices can be seen by others through an Internet connection.
Practice “cyberhygiene” at home
Placing a piece of black tape over a camera is a simple, low-tech solution to webcam hacking. Turning off your laptop or desktop computer when not in use is also a good idea. Don’t let a device’s hibernation, sleep, or low power mode lead you into a false sense of security.
At work, you may have firewalls, antivirus, and intrusion detection systems provided by your company. Such protections are void for most of us when we work from home. Cyber hygiene practices will help protect you from potential attacks.
Always use strong passwords and avoid recycling old ones with added numbers such as “Richmond2019” or “Manutd2020”. Also, make sure that your antivirus software and operating system are regularly updated.
Above all, use common sense. Do not share your password (including your home wifi password), click on suspicious links and regularly erase your devices of unnecessary apps.
When it comes to using webcams, you might be wondering if you’re ever completely safe. It’s hard to know, but rest assured there are steps you can take to give yourself a better chance.
David Cook is Lecturer in Computer Science and Security Sciences at Edith Cowan University, Edith Cowan University.