Video conferencing app maker, Zoom, has launched a new feature in its latest update that will help the conference hosts to block uninvited guests known as “Zoombombers,” from entering the calls. Zoom calls this new feature, “At Risk Meeting Notifier.”
What is “Zoombombing”
Zoombombing attack is an instance where uninvited guests connect to a Zoom meeting room and disrupt the meeting by doing non-contextual things like hurling insults, playing pornographic content, or making threats to other participants. Typically, a Zoombombing incident takes place when participants knowingly or unknowingly shares a Zoom meeting ID (and sometimes its password) on social media, or discussion forums like Reddit and Quora threads.
How “At Risk Meeting Notifier” Will Help
The “At Risk Meeting Notifier” feature will constantly run on Zoom’s backend servers. It is a fully automated process with no manual intervention required. This feature constantly scans and compares the Zoom’s Meeting ID of the conference call against the posts published across social media platforms and certain open web resources like Reddit and Quora.
Upon finding a match, Zoom automatically sends an alert to the meeting host informing them of the match via email. The hosts can then take remedial measures of blocking that Zoombomber by changing the password or scheduling a new meeting to avoid a possible hijack of the meeting.
Episode #3: How Zoom is Enhancing Security and Evolving its Product
How to Stop a Zoombomber if he is Already in the Meeting
There is a possibility that participants may leak the meeting credentials to a Zoombomber purposely to cause chaos. So, to stop a Zoombomber who has already entered a meeting, Zoom has introduced a “Suspend Participant Activities” option under the security icon. When the host clicks on this option, all video, audio, in-meeting chat, annotations, screen sharing, and recording is suspended, and all breakout rooms are ended. This should shut down the Zoombomber’s activity immediately. From there, Zoom will ask the host if they want to report a user, and if they do, that user will be removed from the meeting and Zoom’s security team will be notified.
Things to do If You Receive Mail from the “At Risk Meeting Notifier”
Zoom strongly recommends the following actions if admins receive a notification email from Zoom’s new cybersecurity feature:
- Firstly, report the public post where the Meeting ID has been published. Ask the site admins to remove the link from their website/platform.
- Delete the existing meeting and schedule a new one instead with a new Meeting ID and additional authentication of a Password/Passcode. This makes the meeting private.
- Send the new Meeting ID exclusively to only the participants you trust.
- Enable the following security settings for your meeting/conference call:
- Meeting password/passcode
- Waiting room
- Meeting registration
Additionally, Zoom recommends that if canceling and rescheduling the public meeting is not possible then convert the meeting to a webinar as this gives the host control over who participates with video, audio, chat, and screen sharing.
Zoom Beefs Up Security with Two-Factor Authentication