We all need webcam security at home to avoid falling prey to hackers and online snoops.
Webcam hacks have become a favorite pastime for snoopers who unashamedly peek into our private lives and share their findings with the world.
Some, including online sexual predators, want to prey on children in particular.
Webcam exploits have also spread to smartphone and tablet front-facing cameras, and the whole line of the Internet of Things devices mainly used by children!
It gets worse now that CCTV and IP cameras are installed in many homes, making everyone in the house vulnerable!
A simple search of ‘view private webcam’ or visiting Insecam or opentopia can give you a pretty good idea of what is happening. Live coverage of people’s homes is viewable online, all for free!
How webcam hacking works
For anyone to access your smartphone or computer camera, he or she must be able to install a back-door or rootkit software on your computer using a Trojan horse.
Upon execution of the malicious file, your IP address will be relayed back to the online criminal.
A Trojan will manifest as:
- antivirus or other malware
- friendly mail or pdf file
- network link
- smartphone app
- notification
- etc
In what is known as camfecting, a Trojan execution file will be shown to you as a cool tool to help solve a problem on your computer. Then it will install client hack tools and shell command capabilities, and amongst many trickeries will monitor hardware and computer keystrokes.
Then with the help of a remote administration Trojan (RAT) application, your computing devices become subject to manipulation without you ever suspecting. Your storage media, web activities, microphone, and webcam are turned into ‘slaves’.
Below are some examples of remote administration exploit tools:
- Blackshades Remote access Trojan
- Metasploit
- DarkComet
- SubSeven
- Back Orifice
- Lost Door Remote Administration
- Skype Webcam Hacker
- AndroRAT for Android
Besides installing trojans, hackers also use sophisticated online tools and brute-force attacks to access IP cameras connected to the internet.
So, every time you are monitoring your home from your camera in the office, you probably have someone alongside you surfing through the videos. Beware!
You can secure your webcam at home with the following tricks
Whereas you have no control over government security webcam installations, live cams, and hobbyist webcams that are streamed online, you should have a degree of control over what is harvested from your house.
1. Be wary of downloads, apps and links
Implement webcam security by staying away from unsolicited files, apps, and links.
Hackers will always exploit your curiosity by exposing your eyes to friendly emails, images, video files, apps, downloaders, malware removal tools, unsolicited Skype chats, and other social engineering hacks.
In brief:
- don’t open files whose sources you don’t know
- avoid installing apps you don’t know
- don’t open mail, images, links, PDF files you don’t know
- be wary of downloaders that want to self-install
- be wary of mobile apps that want to access your smartphone camera
- beware of insecure websites
Make sure to read app reviews and monitor what or who you are dealing with online before downloading or opening unfamiliar files.
2. Install and update security software
Secure your webcam by installing trusted security software on your computer, and update these regularly.
Likewise, install trusted mobile antivirus and Virtual Private Networks apps on your mobiles.
Good anti-malware software will throw up red flags whenever Trojans try to download and install.
To complement this, allow the security software to remove malware immediately and exercise caution when including apps in the Exception list. Adding
Trojan files in the antivirus exception list will leave your computer open to all kinds of remote attacks.
Further still, get into the habit of running whole computer scans regularly. This way, the security scan will pick up hidden rootkits and backdoor threats that went unnoticed in previous scans, probably because of outdated virus definitions.
Update other applications such as java.
3. Keep an eye on webcam light
Usually, the webcam light will turn on whenever the laptop webcam is in use. This alerts you the camera is rolling, and someone is watching you.
If the light turns on when you have not turned on the camera, then, some remote script could be running in the background. Check to make sure you did not start the software accidentally and that you are not being watched!
However, you should not solely rely on the cam light to sense trouble. Some Webcams don’t light up at all. This can happen when the camera light has malfunctioned or the remote script has disabled it.
Again, many smartphone cams do not have front-end lights thus giving the hacker leeway.
In 2013, successful exploits managed to turn on MacBook laptop webcams without triggering its lights! Make sure to close the lid or completely turn off the laptop if you are not using it.
4. Cover the webcam
You will want to secure your webcam further by covering it up until such a time you will need it.
Cover the webcam using a post-it note or sticky tape but remember not to mess it up by using excessive adhesive.
Of course, the recourse changes when it comes to your smartphone. With the selfie craze all around us, you may want to have your front-facing camera on at all times.
For mobiles, therefore, make use of other preventive measures explained herein.
5. Disable the webcam
You should also consider disabling the webcam on your computer if you are not going to use it.
Apart from the usual video chats via Skype and other tools, webcams are utterly useless when it comes to taking photos.
If you do not rely on your laptop for communication, consider disabling the webcam completely.
For Windows users, this can be done in Device Manager or the BIOS setup pages. In Device Manager, right-click the laptop webcam under Imaging devices and select Disable.
6. Use secure passwords for webcam security
All computers and mobile devices in your household should be secured with passwords.
In addition, set them to request passwords whenever they wake up from Sleep or Hibernation. This may help against exploits that are targeted at idle devices.
Secure passwords should also be the ultimate solution if you have installed CCTV and IP cameras and network devices. Ensure to change the default passwords that ship with the devices.
8 character or longer passwords comprising upper- and lower-case letters, symbols, and numbers should help dissuade hackers from exploiting your installations. Long passwords are harder to guess.
Improve overall home security by changing your passwords every once in a while, and making sure they are well encrypted. You don’t want to be smoked out at the storage level.
7. Don’t jailbreak or root your smartphone
Apple endeavors to improve user security in every version of new IOS firmware. But this security is easily breached when you choose to jailbreak your iPhone.
When you jailbreak an iPhone or root an Android device, you basically interfere with security checks and limitations that are written within the firmware.
A jailbroken iPhone allows good and evil third-party apps other than those sanctioned by Apple to install and run.
Xsser mRAT, PlaceRaider, AndroRAT are just a few examples of remote access exploits that can run on jailbroken and rooted Android devices while transmitting phone contents and images to remote users.
In order to secure your Apple device, do not jailbreak it and always update it to the latest firmware. For Android users, install and run trusted anti-malware apps while watching out for malware apps!
