Home
Internet
Internet News
The FBI can control your webcam without switching on its light: Report

The FBI can control your webcam without switching on its light: Report

By Abhinav Lal | Updated: 12 December 2013 13:11 IST

A recent Washington Post report quotes court documents, and former FBI and Department of Justice officials to allege the FBI has been utilising several online surveillance techniques - including the use of malware, and the surreptitious activation of connected cameras - in the name of national security to investigate and track suspects that may not be known criminals.

The covert use of connected cameras, like webcams, in particular has garnered much public outrage in the past week. The method reportedly used by the FBI ensures the tell-tale recording light of the webcam, or another connected camera, remains off whilst the security agency is recording video and sound - giving the subject no indication of being watched.

However, quoting a former FBI assistant director, Marcus Thomas, the report said the FBI has for several years had the ability to covertly activate connected cameras - something only coming to light now.

The report claims many of the other "network investigative techniques" the FBI uses skirt the law, by gathering vast amounts of information that include significant data on individuals and establishments not directly linked to a crime, or a criminal. Critics quoted say this is in effect like physically seizing the contents of an entire house in search of suspected items.

FBI reportedly also sought and received warrants in several cases from lower courts, which according to experts, didn't have the jurisdiction to approve them, especially in cases where the suspect's location and identity didn't preclude the individual from being a US citizen, or a foreign national residing in the country.

One such case cited by the report was of 'Mo', a pseudonym used by an individual the FBI thought to be an Iranian terrorist, who made several threats to bomb major establishments and public facilities in 2012. In this case, the officials were relying on evidence pointing to an individual using a virtual proxy to conceal his or her identity and location, whilst communicating the threats over VoIP and email.

Court documents reveal the FBI used a malware specifically designed to be downloaded by 'Mo' from any computer across the world, via a Web link in a fake email - a technique that is known as a phishing attack. The malware was a piece of surveillance software that would, once-activated, instantly report information back to FBI Headquarters in Quantico.

Interestingly, the FBI team faced difficulties with this method, initially sending the malware to the wrong email address in a bureaucratic mix-up, and then, having to scramble to quickly develop a new version of the malware when the third-party software it was intended to target received an update. In the end, the malware "never actually executed as designed," according to a note to the court by a federal agent. It did however, reveal two new IP addresses from Tehran, and not much else.

In another case, involving a known federal fugitive, a court authorised the FBI to send surveillance software to the email account of the individual, who was suspected to be masquerading under the stolen identity of a solider in Iran. In this case, the FBI managed to catch its man in San Antonio, who was convicted and sentenced to five years in prison for identity theft and financial fraud.

According to Marc Thomas, with the changing times, law enforcement agencies have had to adapt, realising "they're going to have to be on the device - or in the cloud." The malware used in the 'Mo' bomb threat case in late-2012 is a prime example of that.

Not all search warrant requests by the FBI have been entertained by courts however, with the Washington Post report citing a bank fraud case where federal magistrate Judge Stephen W. Smith ruled that the use of remote activated cameras was 'extremely intrusive', and may capture information about people not related to the crime.

Clarifying the jurisdiction of the Texas court in a case involving the search of computer whose location was unknown, Smith also commented on use of surveillance software, calling it a possible violation of the US constitution's Fourth Amendment on unwarranted searches and seizures.

The law has clearly to catch-up with the law enforcement agencies, whose use of cutting-edge surveillance techniques in keeping with modern times is begging for a revision of statutes for more clarity on the issue. The report quotes Brian L. Owsley, a retired federal magistrate judge, on the developing matter: "Technology is evolving and law enforcement is struggling to keep up. It's a cat-and-mouse game."

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.