It’s cybersecurity awareness month next month, and the time is ripe for emphasizing digital security to the masses. Earlier this year, James Comey, the director of the FBI, revealed that he covers his webcam with tape. His reason? To stop hackers from turning it on remotely.
This week, Comey has again reiterated those beliefs, insisting that his recommendation was perfectly sane all along. So, what is all the fuss about?
This week, a YouTube channel that broadcasts people’s lives (without them knowing) is putting a spotlight on Comey’s advice. All over the world, people are being broadcast on their cams. Unknowingly streaming everything as they go about their daily routines.
On one occasion a young man from Germany is sitting at his desk using his laptop: His calm face betraying a complete unawareness of his unwanted celebrity.
Later a French woman walks across her bedroom in a towel. She is seen – only momentarily – as she passes opposite her device’s camera. The Parisienne woman yet another victim of the invasive channel.
While the numbers aren’t huge, they aren’t small either. The channel has had 100,000 views, though admittedly so far only 250 shameless voyeurs have subscribed! Small mercies. One imagines that the vast majority of viewers arrive at the channel in a viral capacity, after being informed by a friend of ‘victims.’
‘Webcam victims’ and ‘slaves’ are the official terms for the unfortunate stars of the channel. What you might be interested to know is that despite what seems like total abuse – nothing specifically illegal is being broadcast on the YouTube Channel.
In reality, the people on the channel are featured because their webcam is unsecured and freely available via an open port. As such, the folks on the channel are not really ‘hacked.’ Instead, these unsavvy people are unwittingly providing their feed to anyone that wants to watch.
With that in mind, please be sure to shore up your systems and devices with strong passwords. Often, connected ‘IoT’ products, for example, require a setup after you purchase them. Not paying attention to these details can seriously expose you to problems.
Sadly the story doesn’t end there. YouTube is enabling spies in other ways too. Nowadays, YouTube is full of videos that teach people how to spy. Hacking tutorials are commonplace. Raspberry Pi provides a budget hardware platform powerful enough to cause some serious damage. Then there are specialist offensive operating systems like Kali Linux. Kali combined with tutorials creates terrifying opportunities; this is the sad truth.
It is for that reason that Comey puts tape over his webcam. If your lens is obscured – even if someone tries – they can’t make a ‘slave’ out of you; physical protection in a digital age.
In 2016, Facebook profiles have become a Doctorow-esque social currency. Contact lists grow, and people begin to accept ever more random requests to keep their social circle expanding. 300….400….750 ‘friends’? An ever increasing collection of people that could theoretically be YouTube hackers.
In one YouTube video, those interested are taught that by simply replying to a Facebook message a hacker can gain a contact’s IP address. With that achieved they can begin to hack – proof that we must take massive amounts of care when accepting contacts.
The reasons to be paranoid are enormous, and relatively non-nefarious hackers are the least of our worries. Websites like Github are known to have hosted software created for government intelligence agencies.
Last year, an Italian software firm called ‘Hacking Team’ was unfortunately ransacked. After the cyber attack, the hackers dumped the company’s valuable hacking tools on the net. The sophistication of the software would have provided hackers with an immense amount of power – allowing them to take full control of victimized machines, including webcams.
Adam Benson from Digital Citizens Alliance (DCA) understands the problem all too well. The deputy executive director of DCA has recently gone on the record with his opinions about the spread of hacking tools,
‘These are the tools of modern warfare, and it’s troubling to see a platform like YouTube, where millions of people can go and teach themselves how to do this.’
When Benson attended ‘Black Hat’ last year, he met three graduate students that made casual reference to many Remote Access Trojans (RATs). RATs are the name of the specialist tools that enable hackers. The three grad students told Benson that YouTube is packed with tutorials dedicated to RATs like “darkcomet” and “poison ivy.” Worryingly, those powerful tools make hacking easy. Very easy.
In Japan, where hackers have declared the nation ‘heaven’, the problem has exploded, as it is doing everywhere.
What we are dealing with is a hacking virus that is spreading through humanity at an alarming rate. An information disease that possesses a more succinct danger than the digital viruses that we already try to protect ourselves from constantly.
Then there is the problem that the hacking epidemic is always evolving. As time passes, hacking involves changing motivations and desires. Some cyber criminals want cash, and this has led to Ransomware – arguably the most costly malware of our age. Ransomware allows smartphones, businesses, and even hospitals to be ‘held up.’ To regain control of infected systems, people must fork out a particular sum. These sums are estimated to be making criminals millions of dollars.
Then you have corporate spies, government eyes, disgruntled lovers, occasional voyeurs and savage pervs to add to the ever-growing list of hackers.
With all of that in mind, it seems like in some ways we owe this first wave of victims and slaves a debt of gratitude. Why? Because even though the YouTube channel is disturbing, it also helps to open people’s eyes to these important issues – head on.
The channel is an uncomfortable blessing – an education tool that’s raising awareness. It helps to awaken people to the fact that they must protect themselves. Factory settings must be updated. Passwords must be unique and vigorous. VPNs and encryption should be a priority. Updates for devices, software, and antivirus/malware must be sought regularly. After all, at the end of the day only we can choose to protect ourselves from the epidemic.
A well executed ‘social hack’ can soon put a RAT on your machine, so please take your cyber security seriously. The Internet’s vulnerability is out of the bag, and everyone’s talking about it.