With security and privacy in the news seemingly every day, people are becoming more mindful of safeguarding personal information. A lesser-known privacy issue is the possibility of a hacker gaining control of the videoconferencing camera in your laptop, or even in conference rooms. In addition to gaining access to the computer network in this way, hackers can also eavesdrop and watch through the camera. Draper has developed a new white paper entitled “Is Someone Watching” which details this issue, and offers some solutions to deal with it.
Could someone potentially be watching and listening to you conduct business via the videoconferencing camera in your conference room—even when it isn’t supposed to be on?
The importance of keeping videoconferencing cameras out of the room when not in use is underscored by at least two incidents in recent years.
The first came in January of 2012 when HD Moore—a security officer for the company Rapid7 which looks for security weaknesses in Internet of Things devices—was able to hack into videoconferencing equipment. He was able to control the cameras, panning and zooming all around the room.
According to a New York Times article, Moore found his way into venture capital, oil, law, and pharmaceutical companies. He even got into a courtroom remotely through the camera.
The second warning shot came at the 2013 Black Hat Europe, a security conference. During a presentation at Black Hat, Moritz Jodeit showed how to gain root access to video conferencing devices which could allow, among other things, a remote user to take control of the devices—including cameras and microphones.
Does it Really Matter?
Of course, hijacking a webcam on someone’s personal computer and watching in the privacy of a home or office is obviously an intrusion on personal privacy. Even the FBI director and the founder of Facebook are known to put pieces of tape over their laptop webcams for security. But peering into an empty meeting room through a videoconferencing camera isn’t that big a deal, you might think.
Or is it? Much damage can result from overheard business conversations.
One might also feel the possibility of a hacker gaining control of a video conferencing camera too remote to think about.
However, there are many instances where privacy issues mean that any possibility is too much.
To read the complete white paper “Is Someone Watching,” and to download a free PDF copy, click here.