S 4.40 Preventing unauthorised use of computer microphones and cameras
Initiation responsibility: IT Security Officer
Implementation responsibility: User
Many IT systems are equipped with microphones and sometimes also cameras. The microphone or camera on a networked computer can be used by anyone with access rights to the relevant device file. For a microphone, this would be /dev/audio for the sound card or /dev/video for the camera in Unix. In Windows, the access rights to the corresponding registration keys (HKEY_LOCAL_MACHINE\HARDWARE\.) define who may activate the computer microphone or camera. Therefore, these rights must be granted carefully. Accessing the device file should only be possible as long as somebody is working locally with the IT system. If using an existing microphone or camera is to be prevented as a matter of principle, these must be switched off - if possible - or physically disconnected from the device.
If the microphone and/or the camera is permanently built in to the computer and can only be enabled and disabled by software, the access rights must be granted in such a way that neither microphone nor camera can be used by unauthorised persons. For example, this may be achieved by withdrawing the read rights regarding the device files /dev/audio, /dev/video from all users in Unix and/or by withdrawing the access rights regarding the corresponding registration keys in Windows. In this way, it can be ruled out that a normal user is able to use the microphone or the camera, but the normal user can still play audio or video files.
Regarding IT systems with microphone and/or camera, it must be checked whether the access rights and owners are changed when accessing the device file. If this is the case or if it is desired that every user is able to use a microphone or camera and if this is not only to be approved by the system administrator on a case-by-case basis, the administrator must provide a command that
- can only be activated if someone is registered with the IT system,
- can only be activated by this user, and
- withdraws the access rights from the user upon logout.
As long as the access to the microphone or camera is not controlled by a secure command, these must be disconnected physically from the computer or the computer must be disconnected from the network.
Computers with integrated microphone or camera should be removed from the room or at least be switch off during confidential meetings. For a laptop, any connections established to communication networks not required should be disconnected. In most cases, the easiest way to achieve this is to unplug the corresponding cable.
Review questions:
- No operational necessity for using the microphone: Is there a regulation regarding the switch-off or physical disconnection of the computer microphone?
- For internal microphone and/or operational necessity: Are there unambiguous regulations regarding the granting of rights for using the microphone?