Why the director of the FBI says you should cover your webcam with tape

The public doesn't trust the modes of communication it constantly uses, and people are starting to take more measures against cybercrime.

FBI Director James Comey participates in a session at the third annual Intelligence and National Security Summit in Washington, D.C., on Sept. 8, 2016.

Gary Cameron/Reuters

September 16, 2016

Sometimes the most reliable precautions are the most obvious.

At a conference held by the Center for Strategic and International Studies on Wednesday, FBI director James Comey, despite being mocked online for his April admission that he covered webcams with tape as a security precaution, defended the practice as a "sensible [thing] you should be doing."

"You go into any government office and we all have the little camera things that sit on top of the screen," he said, according to The Hill. "They all have a little lid that closes down on them."

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

"You do that so that people who don't have authority don't look at you," added Mr. Comey.

Social media users and civil-liberties activists had accused the FBI director of having a double standard on security, noted NPR in April, after Comey said that tech companies like Apple, with whom the FBI was then wrangling over unlocking the devices used by the San Bernardino shooters, shouldn't make "unhackable" devices.

Comey isn't the only one going with the low-tech fix. In June, Twitter users noted that in a photo posted by Facebook chief executive officer Mark Zuckerberg, tape was covering not only his laptop's camera but also his microphone jack. And privacy experts generally recommend the measure as a basic cybersecurity step, in an era when a broad swath of the American public has little trust in the security of their communications.

In 2015, the Pew Research Center found that American adults would not rank any of six common channels of communication as "very secure" when it came to sharing private information through them. Forty-six percent said that calling on a cellphone was either "not very secure" or "not at all secure," and 59 percent said the same of sending text messages.

A month later, a survey commissioned by GFI Software found that fears over cybercrime had risen substantially among the public. And people were beginning to act more aggressively to protect themselves: 63 percent said they regularly changed passwords for websites, half avoided duplicating passwords across sites and services, and just under a third activated two-factor authentication for logging in.

Hacking webcams to control them remotely, a procedure called "remote access trojan" (RAT), or "ratting," happens frequently to people who aren't considered such "high-value" targets as Mr. Zuckerberg or Comey. And the tape-over-the-camera trick is known as a "very common security measure," said Lysa Myers, a security researcher at the data security firm ESET, in a June email to The New York Times.

"If you were to walk around a security conference, you would have an easier time counting devices that don't have something over the camera," she said.

Hackers usually gain access to a camera when a user opens an email attachment or downloads a file containing malware, The Christian Science Monitor reported in June:

Once the RAT has enabled administrative control, it can activate a webcam or microphone – without illuminating the indicator light – in addition to other snooping including accessing credit card information and taking screenshots.

Basic security precautions can be taken against "ratting" include updating software regularly, installing anti-malware software and a firewall, and not clicking suspicious links.

On Wednesday, Comey likened taping one's webcam to locking doors at night.

"It's not crazy that the FBI director cares about personal security as well," he said, according to The Hill. "So I think people ought to take responsibility for their own safety and security."