- Zoom has been a target for cybercriminals.
- Strangers are targetting Zoom users and zoom-bombing video meetings.
- FBI has now issued an advisory on how users can keep themselves safe.
Zoom is a useful app for people working from home who can now collaborate with their teammates. But, at the same time, it is also useful to hackers and cybercriminals who are lurking behind their computer screens. The cybercriminals leverage various security loopholes that exist in Zoom's platform and disrupt video meetings in what is being popularly called as 'zoom-bombing.' Much like photo-bombing, zoom-bombing refers to when some stranger joins in a meeting which he has not been invited to. And that has posed a big concern for the video app.
FBI has taken cognisance of the incidents where zoom-bombing has played out as a menace for people working from home. The US agency said it has received "multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language." FBI has noted two incidents that took place in Massachusetts in the US wherein online classes being held via Zoom in two different schools were hijacked by intruders to show off unsavoury elements. While one stranger "yelled profanity and then shouted the teacher's home address in the middle of instruction", the other one was "was visible on the video camera and displayed swastika tattoos."
To curtail the growing cases of zoom-bombing, the FBI has issued a list of steps that should be kept in mind when video chatting on Zoom. Here are some guidelines on how you can mitigate teleconference hijacking threats:
- Zoom users are advised not to make meetings or classroom public. Zoom offers two options: one that requires a password and the other one requires a stranger to join the waitlist and seek the admin's approval.
- Users should not share the link of the video meeting or a classroom with strangers. The links should be directly provided to the concerned people.
- The screen-sharing options should also be controlled by the admin. In Zoom, the FBI advises users to change screen-sharing to Host Only.
- Zoom recently updated the version of remote access/meeting applications. Users should keep their app to the latest versions. Zoom added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Finally, the users are advised to ensure that their organisation's telework policy or guide address requirements for physical and information security.
Additionally, the FBI has advised users to contact the agency in case their Zoom meetings have been hijacked. You can additionally read on how to safely conduct Zoom meetings in our rundown.