The government of Taiwan announced a ban on the official use of video-conferencing platform Zoom. In an official statement, the Executive Yuan stated that all government agencies and certain non-government organizations are restricted to hold video conferencing calls using Zoom, citing security and privacy concerns. As an alternative, the government recommended agencies to use video conferencing software offered by other companies, like Google and Microsoft.
Chen Chi-mai, Vice Premier and Leader of the Executive Yuan’s overall cybersecurity mission, said, “All organizations introducing information and communication systems should not utilize goods or services that raise data security concerns. In addition, procurement priority should focus on domestically produced goods and services, or those from government-contracted suppliers.”
Many organizations across the globe are relying on Zoom services to hold their video conferences during the COVID-19 pandemic. However, Zoom has been criticized for security issues and cyberattacks.
Taiwan: Not the Only One
Taiwan is not the only one to bar Zoom services. Recently, New York City officials stated that schools in the City will no longer be allowed to use Zoom for online teaching. Australia’s Defense Force and its MPs are also barred from using Zoom services.
Fake Zoom Domains Amid COVID-19
With majority of the employees working remotely, Zoom saw a sudden increase in its popularity. According to a report from Check Point, hackers are taking advantage of the rise in Zoom usage by registering fake and malicious Zoom domains. The report stated that around 1,700 new Zoom domains have been registered since the pandemic, with 25% of the domains registered in the past seven days alone.
Vulnerabilities in Zoom App
Security researchers claimed that Zoom application is vulnerable to remote attacks. According to cybersecurity expert Mitch@_g0dmode, Zoom’s video conferencing software for Windows is vulnerable to “UNC path injection” flaw that could let hackers steal Windows passwords and execute arbitrary commands on their devices. Soon after the vulnerability was identified, the company fixed the issue by releasing a patch. The CEO of Zoom, Eric Yuan, addressed the security issues and stated that a patch has been released to fix the UNC vulnerability. The fix will be pushed out automatically to all the users.