Posts

, , ,

Are Hackers Using Your Webcam to Watch You?

webcam-hacking

 

 

Here is an interesting article about how a hacker can take control of your PC or Laptop web-cam. 

 

 

By Kim Boatman

Steven Fox, an IT security expert, was chatting with friends on his webcam one night when he started receiving some strange emails. Imagine his surprise when he opened one and found images of himself chatting.

His webcam had been hacked by a “script kiddie,” a person who uses malware written by someone else to show off their skills at accessing other computer systems, says Fox. He quickly detached the webcam, but he had to reinstall his operating system after he found malware installed on his computer. “It was painful, but it was a learning experience,” says Fox, who writes a column for the journal of the Information Systems Security Association.

The Risks of Web-cams
Webcams may let you stay in touch with friends and family, but they also pose risks of people hacking into them and spying on you. A Pennsylvania lawsuit accused a school district of using webcams on school-issued laptops to spy on students and their families. And in 2009 in China, a sophisticated network of hackers known as GhostNet cracked 1,295 webcams in 103 countries.

Since most laptops now come with a built-in webcam, it’s critical to understand the risks, says Richard Stiennon, a malware expert with IT-Harvest, a research firm that specializes in Internet security. “We all have to become aware that our every action could be watched,” says Stiennon.

How Hackers Attack Web-cams
Most hackers utilize so-called Trojan horse attacks, says Stiennon. You click on an attachment or download a piece of music or video infected with malware, and a hacker is able to remotely control your PC’s functions.

Fortunately, you can take steps to secure your webcam. Experts offer these do’s and dont’s:

[unordered_list style=”tick”]

  • Don’t click on suspicious attachments. You’ve heard it before, but too often we click without thinking. Email attachments remain a prime source for malware. Be wary of those supposedly funny emails forwarded by friends and family. You should also avoid suspicious sites offering free downloads of music, TV shows or videos.
  • Do use a firewall. “Firewalls provide a measure of protection against unwanted traffic,” explains Fox. Your computer comes with a firewall, but you need to make sure it’s turned on. If you use a Windows operating system, click on the Windows symbol in the lower-left corner of your screen, search for Windows Firewall, and you’ll be able to check the firewall settings. If you use a Mac OS, open System Preferences, click on the Sharing icon, select the Firewall tab and click Start.
  • Do use strong antivirus software. Install a security suite that offers malware and spyware protection, then make sure you keep the protection up-to-date.
  • Don’t keep PCs with web-cams in bedrooms. Limit webcam use to high-traffic areas, and remind family members not to do anything in front of a webcam they wouldn’t want the world to see.
  • Do secure your wireless connection. Make sure your wireless connection is protected with a unique password (not the default one that came with the router).
  • Don’t talk to strangers. Avoid IM conversations with people you don’t know, and advise your kids to do the same.
  • Do be cautious about accepting tech help. Would-be hackers have been known to ingratiate themselves with acquaintances by offering computer help. But that gives them the chance to rig web-cams so they can spy on the computer user.
  • Do look for the indicator light. On external web-cams, you’ll usually see a red light indicating the camera is on. Laptops with internal webcams usually have an LED indicator too. If you use an external webcam, simply detach it from the USB port when it’s not in use.

[/unordered_list]

In the end, your best bet is to use a decidedly low-tech solution, say the experts. “The ultimate security control is to cover the lens,’’ says Fox. If your webcam doesn’t come with a lens cover, use an adhesive bandage or even a yellow sticky note to cover it up. (Just make sure nothing sticky is touching the lens itself, so you don’t damage it.) “It sounds silly, but it gives you positive feedback that no one is spying on you,” says Stiennon.

Kim Boatman is a Silicon Valley, Calif., journalist who writes about security and technology. She spent more than 15 years writing about a variety of topics for the San Jose Mercury News.

Article Source: yoursecurityresource.com

, ,

Apple removes “more secure than Windows” claims

Screen-Shot-2012-08-24-at-3.13.59-PM[1]by Kevin McLaughlin

Apple recently changed the wording in the “Why You’ll Love A Mac” section of its website, removing longstanding claims about Macs being more secure than Windows PCs.

For years, Apple’s marketing has centered on the notion that Mac users are immune to the malware that routinely causes headaches for PC users.

Here is how Apple used to phrase this: “A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part.”

But sometime in the past few days, Apple changed this message to read: “Built-in defenses in OS X keep you safe from unknowingly downloading malicious software on your Mac.”

Apple also changed its description of OS X from “It doesn’t get PC viruses” to “It’s built to be safe”.

The original Apple web page, dated June 9 on Google cache, can be seen here.

The removal of Windows comparisons could signal a change in Apple’s security marketing strategy. Apple’s devilishly effective “Get a Mac” marketing campaign focused on the superior security of Macs over Windows PCs, and while researchers have warned that Macs are not inherently more secure, many Mac users still operate under that assumption.

Apple did not respond to a request for comment on the website changes. But security experts suspect that the increasing attention the company is getting from malware authors did play a role in its decision to remove references to Windows.

“Apple does not want to lose its image as a secure platform,” Andrew Plato, president of Anitian Enterprise Security, said in an interview. “A lot of people still see their Mac as fundamentally more secure than Windows. Flashback proved that Macs are just as vulnerable.”

Macs get more attention from attackers

As more iOS devices make their way into businesses through the bring-your-own-device phenomenon, Mac adoption in businesses is also rising, creating a more inviting target for attackers, according to Andrew Brust, CEO of Microsoft analyst firm Blue Badge Insights.

“Macs can’t keep that low profile anymore, and the bullies are starting to target it, with increasing frequency,” Brust said.

Apple has kept security under the same cloak of secrecy as the rest of its operations, but there are signs that may be changing. Next month, Apple is slated to take part in the Black Hat security conference for the first time. Dallas De Atley, manager of the platform security team, will give a talk there on key security technologies in iOS.

On Monday at the opening of its Worldwide Developer Conference, Apple offered insight into the security improvements in OS X Mountain Lion, which is slated for release in July. The big new feature is Gatekeeper, a security mechanism that allows OS X developers to digitally sign their apps, thereby preventing users from accidentally installing malicious software.

Article Source: This article originally appeared at crn.com