Despite regular security updates and features, cyberthreats on Zoom applications have become rampant. In the wake of the pandemic, the popular video conferencing platform suffered numerous cyberattacks and is still a primary target for many cybercriminal gangs. The company even launched a new feature “At Risk Meeting Notifier” in its latest update to help the conference hosts to block uninvited guests from entering the calls and prevent Zoombombing attacks.
In its latest security advisory, the FBI has alerted members and organizations about rising criminal acts of hackers on Zoom video conferences. The attackers, tracked as Zoombombers, are allegedly breaking into online classes and business meetings to disrupt or just to play pranks. “The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language. As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the COVID-19 crisis, reports of VTC hijacking (also called Zoombombing) are emerging nationwide,” the FBI said.
What is Zoombombing
In a Zoombombing attack, unauthorized guests (Zoombombers) connect to a Zoom meeting room and disrupt the meeting by doing non-contextual things like hurling insults, playing pornographic content, or making threats to other participants. A Zoombombing incident takes place when participants knowingly or unknowingly share a Zoom meeting ID (and sometimes its password) on social media or discussion forums like Reddit and Quora threads.
Zoombombing Incidents
The FBI stated that several Massachusetts schools, including other businesses, have reported incidents of Zoombombing attacks. “In late March 2020, a Massachusetts-based high school reported that, while a teacher was conducting an online class using the teleconferencing software Zoom, an unidentified individual dialed into the classroom. This individual yelled profanity and then shouted at the teacher’s home address in the middle of an instruction. A second Massachusetts-based school reported a Zoom meeting being accessed by an unidentified individual. In this incident, the individual was visible on the video camera and displayed swastika tattoos,” the FBI added.
Rise in Video Conference Services
With organizations and educational institutions globally continuing their operations remotely, cybercriminals are taking advantage of this situation by targeting video conference and calling platforms like Zoom.
Related story: DDoS Attacks on E-Learning Platforms Increase by 550%.
Do Your Due Diligence
The FBI also recommended certain security measures to mitigate teleconference hijacking threats. These include:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- Manage screen sharing options. In Zoom, change screen sharing to Host Only.
- Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated its software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.
The FBI has asked the victims of teleconference hijacking attacks to contact its Internet Crime Complaint Center at ic3.gov.
