The digital cameras stare at users all the time, and yet no one pays attention what happens behind the glossy optic. For example, Intelligence Agencies have been using it as tools to spy on civilians for more than 10 years, and hackers have been exploiting them with far less announcement. Since the ransomware uproar, a little has been told of more serious threat “the all seeing eye” attached to every single computer in the world. The possibilities of their abuse worldwide seem like camera infecting Armageddon.
Camera hijacking
Computer camera attached to a computer can be accessed through Remote Administration Software which Microsoft is implementing by default to OS for user support. The hackers have found a way to program this software and break into the computers without the permission. This is when the hijacked software gets a malicious name Remote Access Trojan (RAT).
One of the ways this malicious virus can be implemented onto victim’s computer is through Email phishing. Upon receiving deceiving mail message, the user that clicks on the infected executable file installs the malware onto the computer. Clickjacking as it is called is the form of attack where the hacker gets the access to the computer. Devious spy will get a chance to watch victim’s every move. Not only is web camera hijacked, hacker now has access to read messages, capture screen, and keyboard.
All things aside, the scariest part is camera abuse, and its consequences can cost far more than ransom to retrieve data. Perhaps the price is not money related, but even so, the victim will pay a high price in emotional, mental state, and well-being in general.
Majority of digital cameras have weak Security Protocols, which makes them the easiest to access. Even someone with little or no knowledge of hacking can easily access less secure cameras. Disturbing videos on YouTube “How to hack a camera” are just adding to the paranoia that anybody can do it. The news is spreading fast, and so eccentric photographer Zachary Pointon decided that instead of taking photos of people in the streets, he will use unsecured cameras around the world. An unnoticed silent observer “the all seeing eye” is attached not only in the public spaces, but hospitals, homes, and even more disturbing baby cribs. Not to mention that there are services like Shodan, an online tool that crawls the web in search of Real Time Streaming Protocols. Since it is so easily available to anyone, any device connected to the Internet makes the theory “no place to hide” extremely frightening.
Privacy in danger of blackmail, extortion, ransom
Knowing the fact that hackers like to monitor every single thing user does on the computer, it is no wonder their weapon of choice is spyware. But, this time they are one step ahead and using the data collected. Some of them don’t bother to sell the information further. They use the camera to take photos and videos that will be a tool to capture compromising moments with which to blackmail their victims. There are various testimonies of people being blackmailed for money, through captured videos. Most of the users are scammed. Usually, it involves romance scams, where victims are lured through social networks or dating websites. When they have enough compromising material they start blackmailing unsuspecting victim to pay or the videos will be released in public. According to police and the scams reported, the sums are in between 500$ and 3000$. However, this is never a one-time payment. Wrongdoer still has the videos and since it’s already paid once, the victim is most likely to be “returning client”, in other words, pay again.
More surprising is that hackers have a secret deal with pirate websites. They pay a sum of 500$ to 5000$ to the websites, depending on how many computers get infected with their spyware. This alliance is often referred to another form of camera related crime ransom or extortion. A former prosecutor in L.A. Hamenshu Nidam said: “They can lock your computer and everything in it and demand payment. Or worst of all, they do what is called ‘slaving’ your computer. They turn on your webcam.” Using all of your computer stored data, hackers demand ransom. Several cases have been reported, that they falsely represent themselves as Australian Federal Police (AFP). The culprits demanded ransom in form of fine in exchange to unlock the computer, meanwhile sending photos to victims taken by their own cameras.
Prevent, Defend, Protect
Interestingly, there are still people blissfully ignorant about all this. The user survey conducted for market research says that when asked if they cover their camera 60.2% said no. Covering camera with tape or paper is step getting away from cyber bullies, the tape will eventually start to peel off. But a strong desire to get away from someone who wants to use your compromised privacy for gaining money will always be present. If the tables somehow magically turned, and it was their face plastered on the public wall, they would be the ones with no place to hide. ShieldApps Software Innovations has put an effort to give a user a chance to fight back. Identity Theft Preventer has been tested by experts to protect digital privacy and stored personal information from external abuse. Newly developed webcam and microphone blocker have been added to keep users privacy and identity from anyone wishing to abuse them. Identity Theft Preventer has a defense mechanism that scans and flags sensitive and personal information, giving the owner opportunity to prevent hackers abusing their privacy.
Being watched is frightening enough, but having no possibility of stopping it is even scarier. Hackers are using any tool possible to reach one goal – financial gain. The downfall of it all is that accessing the camera with low security can be done by a beginner. The theory is that the ones inflicting much greater damage are hiding behind the amateurs experimenting with hacking webcams’. Police gets distracted with minor offenders and the real delinquent gets away. Therefore, the user has the power to do anything possible, prevent, defend and protect his privacy and evade the possibility of being a victim of cybercrime.