If you look around you, there’s probably at least one internet-connected camera staring you in the face right now. It could be on your laptop, tablet or phone. They are everywhere and a hacker with the right skills, tools, and luck can access that device to spy on you.
Webcams are a serious privacy concern and the fact that they are built into so many things now make it paramount that you know how to mitigate or prevent hackers from using your own hardware against you.
How The Hack Does it Happen?
The main attack vector for webcam hacking is malware. This can be part of another software download, an internet worm or some other delivery method such as email attachments. These malware packages can take low-level control of your computer, including the camera. Sending footage or image back home.
While malware is a wide, scattershot approach, sometimes specific camera models will have bugs in their firmware which, once discovered, makes them a target for hacking. For example, it was recently discovered that a wide range of D-LINK IP cameras was vulnerable to hacking, leading to a lawsuit by the FTC.
Effective Ways to Defend Against Webcam Hackers
However you might be hacked, here are some ways to make it harder to become a victim of camera spying. While no defense is foolproof, by following these guidelines you can tilt the odds sharply in your favor.
Invest in Anti-malware
While there’s plenty of great free antivirus software out there, they can and do miss some malware. Which is why you should also install a specialized anti-malware package to deal with this other type of malicious software.
Turn it Off!
Some webcams have a physical power switch or can be unplugged if they are external. If you can disable the camera in this way while not using it then it’s a good idea to do it. Physical disconnection is not possible with laptops or other mobile devices, but desktop users still have this option.
Watch for the Light
Many webcams have an indicator light which comes on when it is streaming or recording. If the light is coming on when it shouldn’t, you should run a malware scan just to be sure. Unfortunately, this is not the most foolproof way to detect spying, since some malware can disable the light while still operating the camera.
Cover it Up!
The most effective method for built-in cameras is to stick something over the lens so that spying visually is impossible. A small piece of clear tape or a piece of sticky note will usually do. You can take it off when you want to use the camera.
Update Your Firmware and Drivers
This is by far the most important one. Webcams and IP cameras from respectable companies tend to get security updates quickly. Check often and update your camera’s firmware and software as soon as possible.
Use a VPN
One way of using webcams to spy on people is to intercept the actual video stream. On platforms like Skype this is unlikely thanks to their encryption, but by using a VPN you encrypt ALL data leaving your computer. In which case, there is essentially zero chance of anyone piggybacking on the camera stream.
We’ve picked out our favorite VPNs of 2018, which is a good place to start if you don’t already have one.
Change Default Logins
When it comes to IP cameras connected independently to your WiFi network, one of the biggest mistakes people make is not changing the default username and password. Which means that a hacker who manages to bypass your firewall can take over the camera with ease. This is such a simple precaution, yet many people never touch the defaults, leaving them open to exploitation.
Be Careful of Dodgy Apps
On mobile devices, malware is just as much of a problem. Rooted devices running homebrew software and users who sideload applications outside of the official app stores are at a higher risk here. While the malware filters on Google and Apple’s app stores aren’t perfect, it’s very unlikely you’ll pick up anything nasty there. If you’re not getting your software there, there is no way to tell what has been tacked on by the anonymous provider.
Think Twice About Camera Permissions
Most of us just absentmindedly tap “allow” when an app asks us for permissions, but we shouldn’t. In general, we should think about why a particular app would even need certain types of access. For apps that want camera access, this is twice as important. If you never intend to use the camera with a certain app, don’t give it camera permissions. It doesn’t need them. Only give camera permissions to apps where such permissions both make sense and you intend to make use of them.
Treat All Cameras as Live
Even if a hacker gets to your camera, they won’t stick around long if there is nothing to see. Treat every camera lens pointed to you as live and don’t do anything in front of them that you’d be embarrassed to see in public. If you need to do something truly private, don’t do it in front of a camera.
The Unblinking Eye
The idea that someone could be spying on you through your various web-connected cameras is really terrifying But panic is not going to make the situation any better. So keep calm and follow these simple tips. Hopefully, you’ll stay out of sight and out of mind.