Wireless Webcam - A vulnerability ?

So today a family member told me about a “Dr. Phil” episode in each it was debated (not much of a debate) what happened in a district school in Philly regarding the use of webcams to spy on kids.
In that episode they invited some IT guy, this guy stated that it was very easy for someone to hack in to a laptop and access a persons Webcam.
According to him it would take 30 mins. max. to gain control of someone’s webcam if the attacker and the person were on the same wireless network. He guaranteed that (to a person with knowledge) it was always possible to gain control over it independently of the computer security! in 30 mins.!!

I do not have an episode link, but I ill try to get it so you guys can see what I am talking about.
Now my questions are, is it in fact possible to a third person to gain access to a computer’s webcam if they are on the same network? wireless or wired
How does Comodo protects against this type of network attacks. (I am guessing it would have to be some sort of exploitation)

The best way to avoid this situation is to disable webcam when not in use
I don’t know how comodo firewall works on wireless connection but you can set comodo to block all incoming connection so that you wont be hacked easily
tis also maybe of some help

They will start with ARP cache poisoning for which CIS will protect when enabled. ARP cache poisoning will allow to have the local traffic router through their laptop.

If you on top of that don’t share files and folders over your local network and have CIS set to stealth these people will have a hard time trying to get in

I think the real issue is accessing the web cam itself.
As the ones I looked at would connect to your private network via a wireless router, it is safe to say the security measures available in your router for wireless connections should be set to the maximum or highest possible including stealth (don’t broadcast) and a strong password.

This is all assuming the webcam is wirelessly communicating directly to a computer with CIS installed, now what if it’s a network webcam?

Then the camera will need its own security measures along side the measure suggested by John

Webcams and microphones hijacking seems to be already exploited by Cyber criminals through a functionality of Flash Player http://www.pcworld.com/businesscenter/article/255979/banking_malware_monitors_victims_by_hijacking_webcams_and_microphones_researchers_say.html

Make sure you set you WIFI to WPA2 - AES, no TKIP. and use a strong key, long, mixed chars etc.
Never ever use a dictionary word as a paraphrase!, as that can be cracked in minutes.
Also make sure to disable WPS as that can be tricked over the wireless network by the attacker.

If you set these the hacker can’t get access to the wireless traffic cause it’s point-to-point encrypted.
Other attacks might be done but they should be on the level of the PC monitoring this webcam, like the mentioned flash attack etc.

Add the option not to broadcast as you are less likely to be hacked if they don’t know you are there.

Please beware that this does not add security to your WIFI it will only hide it for the one’s that don’t know where to look :wink:

I am actually refering to a Webcam integrated in a Laptop, not a wireless webcam in a Network. I apologize if the title of this topic is a bit confusing.

It is that easy to hack into someone’s webcam !??
I do have those wireless security meaures in place, with exception of the broadcasting SSID, but with the area around my house (garden) it is unlikely that someone would ever pick up the signal, even inside the house the wireless reception is terrible!

My biggest concern is when I am using Wifi networks in library, Restaurants, Malls, etc, someone else can easily hack into my computer? no matter what security I have if they are on the same network? Actually if they can gain control over the Webcam aren’t they also able to access all my files?

If you use public/open WIFI ALWAYS use a product like ‘Trust Connect’ or other VPN providers that give you a encrypted tunnel from your laptop towards that provider.
On that provider edge you will enter the internet unencrypted, this makes it hardly possible for attackers to ‘see’ your traffic.
And as ever watch your SSL bar, and verify the Certificate and force ‘hard-fail’ in your browser for OCSP/CRL requests so that if the cert is fake your browser will block it.


Was it something like this Webcam (Short Film) on Vimeo Webcam [Short Film]?

No, I was reffering to an episode of “Dr. Phill” in wich they invited an IT expert (??) to debate webcam vulnerability.
I finnaly got the episode uploaded to youtube. Please take a look at what the IT guy said. Is that all true? regarding that it is that easy to do it and that network protection is not based on keeping ppl out but in detecting ppl when they got in?!
Also does comodo automatically protects me from this attacks? ARP chace is the only option that I should enable?

If you use public/open WIFI ALWAYS use a product like 'Trust Connect' or other VPN providers that give you a encrypted tunnel from your laptop towards that provider.
I now that VPN would provide me with aditional security but it is a paid service. I use free Wifi Hotspots because I don't have to pay for the internet. If I was to pay for anything I would prefer a 3G connection since I would be immune to this attacks and I would have internet almost every where. But doesn't comodo firewall protects againts this type of exploits? I mean if Comodo Firewall doesn't protect me then what will?

I watched the video and I think there is some sloppy journalism and scaremongering going on there. It really brings steam out of my ears and nose with anger.

There’s actually a lot of factors involved in that In return for this honesty the expert gets reprimanded and the dumbing down sets in

"and the wireless is on their wirelss.The expert assumes that he has access to the neighbours wireless. Assuming the neighbours did not give him access he would need to use an ARP cache poisoning attack. CIS will protect from that (it needs to be enabled though)

It may sometime take less than 5 minutes sometimes to get in.If the ARP cache poisoning attack had succeeded you would still need to ■■■■■ the encryption. The outdated and now depricated WEP encryption can be hacked that quickly. Most people are no longer using that. WPA/WPA2 takes much much longer.

there are ports open that allow that to happenThat is only if sharing files and folders over the local network is enabled. Otherwise there will not be an open port when using CIS.

ports are like a door, when you open that door anybody can come in just as long as you know how to get there. Standard ports are related to a specific program or Windows service and hacktools will try to target vulnerabilities for those. Only when unpatched vulnerabilities exists hacktools can abuse the entrance an open port provides. That’s why it is important to have your OS and programs up to date. That way you will be sure there as little vulnerable programs or services as possible. On top of that the Buffer Overflow protection of CIS will catch almost all of the unpatched vulnerabilities.

We may not be secure as we think we are,… particular with wireless…That’s the scare mongering punch line Dr Phil wanted to make

If somebody has access to your local network it is really easy The expert restated that
assumption. Remember how he started with “There’s actually a lot of factors involved in that”. Let’s give him the benefit of the doubt that he is now trying to tell a more complete story after he has been run over by Dr. Phil and his desire to make a scaremongering punch line

In the introduction the expert states the following:

  • There is a new school of thought in security.We used spend all our money and everything on trying to prevent people from coming in.When looking with the Comodo, and other HIPS based firewalls, perspective. With D+ and sandbox preventing malware from entering the system in the first place is what sets these products apart from the classical solution with AV program and network only firewall.
  • That’s no longer the case. Now it’s about monitoring how people have come in, how fast you can detect people and how to get rid off them from coming in.Not something Comodo believes in. Prevention is what Comodo brings; malware is not infecting the system. Remember that when infected with an information seeking malware all the information it is after is send in the first 2-3 minutes after infection. We don’t want it in and CIS does a very good job preventing it entering in the first palce

And before I forget. There is another very simple solution everybody can take. Put a something over the lens when not using the camera.

I chose to respond to quotes from the show and that may scatter the information. I hope my comments help to understand that things are not as simple as presented in the show, that it takes more effort than suggested to break in and enter and that CIS will protect you from getting infected in the first place.

Hackers will just use a RAT (remote administration tool) like blackshades or darkcomet to acces a webcam.

But how does that tool come in in the first place?

That is also an option, there are multiple options for every type of attack.

But please keep in mind that during use of Open WIFI you can NEVER assume to be safe, and you should NOT use plain-text protocols (e.g. Telnet/http) to submit sensitive data.
There is always the chance that there is someone listening in, and can eavesdrop on your traffic, or play Man-In-The-Middle with you.
Just use at least services like TrustConnect or OpenVPN or similar to protect your data, also watch your browsers SSL certificates closely, it’s that simple to strip SSL off and send you a clear text http page instead of the original SSL you started on.

Thanks EricJH for reviewing the video and clarifying things out. :wink:

It may sometime take less than 5 minutes sometimes to get in.If the ARP cache poisoning attack had succeeded you would still need to ■■■■■ the encryption. The outdated and now depricated WEP encryption can be hacked that quickly. Most people are no longer using that. WPA/WPA2 takes much much longer.
But when the expert reffered to the 5 minutes he was assuming that he was already inside the network so no need to ■■■■■ WEP or WAP2 encryption. So you say that if a person is on the same network as me, he/she could only gain access to my webcam if they exploited vulnerabilities in programs that have doors opened on the network. Therefore keeping windows up to date and CIS overflow protection on is enough to avoid getting hacked?

What about listening on the communication between the webcam and PC? playing man in the middle, would that work or is the data encrypted? If this would work there would be no need for the same network. I doubt however that the data isn’t encrypted or is somehow unfeasible to spy on directly over the wireless connection.