The head of the FBI does it, so does Mark Zuckerberg. Are they paranoid? No, the threat is real.
It’s a remarkable sentence from the head of the FBI. During a question-and-answer session at a university in April 2016, James Comey admitted that he was taping the camera on his laptop: „Because I saw that someone who was smarter than me had taped the camera”, says the chief of the US federal police in explanation.
Mark Zuckerberg also showed the public less voluntarily that he was taping over his camera. When the Instagram photo app, which belongs to Facebook, celebrated 500 million users, an employee took a picture with the Facebook boss. His laptop and taped camera could be seen in the background.
So Zuckerberg and Comey do it. The question is: should everyone tape the camera? The answer is yes – to be on the safe side.
There are two reasons for this. First, people in front of the computer are often not particularly attentive when it comes to their webcam. And even if they are: IT security researchers have repeatedly succeeded in bypassing protective mechanisms.
If you sit in front of your laptop, you don’t pay attention to your webcam
On the first point: In a study by the University of California, Berkeley , 98 people were seated in front of laptops to read texts, write essays, play games or watch videos.
They then asked whether they had noticed anything. Only 27 of the 98 people had noticed that the blue light came on, indicating that the LED camera was on. The small lamp is a protective mechanism that largely goes unnoticed, suggests this study, which, however, is not representative.
IT professionals can activate cameras remotely
In addition, IT security researchers have repeatedly proven that they can activate cameras remotely without the light even going on. Adam Kujawa takes care of the analysis of malware at the IT security company Malwarebytes. According to Kujawa, webcams are usually taken over via so-called Remote Access Trojans (RAT). This is software that can remotely record passwords, control the desktop or switch on the camera. „In principle, all systems are affected,” says the malware expert.
Matthew Brocker and Stephen Checkoway from the renowned Johns Hopkins University showed at the end of 2013 that they could turn on cameras built into Apple devices in this way. The results were demonstrated on Macbooks released before 2008. The two security researchers also showed ways to fend off the attack.
Hackers can buy spy software cheaply
„We did not present our code to the public,” says Brocker when asked. Means: Even if it were still possible to control the cameras in this way, the attackers would have to find the way to get there themselves. Apple itself was informed by the researchers. Windows systems are also vulnerable to such attacks.
IT security researchers often say that intelligence services in particular have enough resources available to spy on people via webcam, as, for example, the British secret service GCHQ did according to the Snowden documents . It’s more difficult for petty criminals.
According to security expert Kujawa, building RATs yourself is complicated. However, anyone can easily buy the software, depending on the performance, the price is between 50 and 1000 euros.
Protecting yourself from such attacks is also simple. A post-it note is enough. Or a webcam cover. It only costs a few euros.