Remote spying through the webcam has been a known issue for more than a decade, and there are not a few users and professionals who have decided to disable it, despite its usefulness in providing us with video, audio communication, and other functions. Even more so since the COVID-19 pandemic confined us at home and we increased the use of video conferencing applications.
The techniques used and the objectives of cyberattacks through the webcam have been very diverse, from government espionage; the installation of malware with tools like Gumfish; the use of vulnerabilities such as Flash Player to take control of machines; as a way of extorting famous people; for “caught” users in undergarments or simply as a pleasure for those “onlookers” who swarm the Internet invading the privacy of others.
If all of the above was severe enough to take action, the image of duct tape covering Facebook founder Mark Zuckerberg’s computer webcam was descriptive enough. The recommendation of the director of the FBI during a conference at the Center for Strategic and International Studies, when he assured that covering the webcam when it is not in use is one of the “prudent actions that any user should take,” again caused a significant amount of debate on personal webcam security.
How to disable the webcam
It is difficult to assess the extent of the risk of using a webcam. Still, suppose you do not use it frequently. In that case, there is no reason to leave a potentially unsafe recording device permanently accessible and active on your computer, accessing your business or home.
We remind you of effective methods to disable the webcam when it is not in use, but at the same time reversible for other times you need to use it.
Unplug. As simple as that. Ninety-nine percent of desktop PC users use an external webcam usually placed on the monitor. Unplugging the USB connector is a foolproof method that works regardless of hardware or operating system. As it is a plug-and-play, it will take a second to reconnect it when you need to use it.
Cover the lens. If you see a sticker on the top frame of a laptop or AIO, you know what it means. It is a simple but very effective method. If a piece of sticker destroys the aesthetics of your brand new laptop, there are more attractive dedicated solutions that can slide off at will, covering the lens or not. There are many very cheap Internet offers.
Deactivation in BIOS. It is another option for laptops or AIOs with integrated webcams that have this option in the BIOS. You reboot, enter the BIOS, and disable an entry that you’ll see as “webcam,” “built-in camera,” or “camera CMOS.” The option is not usual and is only included in some models. Keep in mind that most built-in webcams use the same onboard module as the microphone, so you could leave it disabled. This is a good option if you want complete video and audio privacy because it is unlikely that an attacker will access it, although it takes longer to reactivate it. After all, you have to restart the computer and re-enter the BIOS.
Deactivation in the operating system. You can quickly disable the webcam at the system level in a couple of steps. In Windows, go to the Control Panel, open the Device Manager-Imaging Devices and click on disable or directly on delete. In operating systems like Windows 10 / Windows 8.1, you can also disable the camera in the Settings> Privacy tool.
Lastly, don’t trust the LED activity light. Many webcams include a light that turns on when they are in use, and in this way, we can know if third parties are using it. However, be careful because it is not a foolproof method.
This was demonstrated years ago by researchers from Johns Hopkins University, who created a proof of concept with a remote administration tool (RAT) capable of reprogramming the chip of some cameras. And they did so without activating the notification light, leaving users completely unarmed.