Zoomboming: FBI Warns Against Security Threats in Zoom

The coronavirus pandemic forced hundreds of businesses to work from home, and this means that meetings and classes are now done online. Because of this change, video conferences are done almost on a daily basis, and a video-conferencing software called Zoom is a useful tool to get tasks done.

However, Zoom has been drawing attention from journalists and researchers for numerous privacy and security issues. One of the invasive issues of Zoom, labeled as "Zoomboming," happens when uninvited attendees break into and disrupt the video conference.

What is Zoombombing

There have been rumors of security risks linked to video-conferencing services. Houseparty, a video-calling app, has also been dragged in this matter. The app is accused of enabling Netflix account hacks with lax security protocols.

Because of this accusation, the company has offered a $1 million reward to anyone who can prove that there has been a security sabotage against viral misinformation campaign, and saying that the issue is tied to re-suing login credentials and passwords.

Zoom CEO Eric Yuan responded to concerns about the application and said that Zoom will freeze its feature updates to address security issues as the company aims to address the them in the next 3 months.

Unfortunately, Zoombombing is easy to do. A simple Google search for URLs that include "Zoom.us" can show unprotected links of numerous meetings that anyone can join. Links to public meetings can also be found scattered across organizational pages on social media platforms.

Although there are no guarantees against the trolls, there are a few steps that you can follow to help improve your overall privacy levels when using Zoom.

Zoom settings you should change now

What are the precautionary measures you can take to prevent 'zoombombing?' Changing your settings make you less likely to be hijacked during a video conference. Here are some steps you can take to protect yourself from this.

First things first, do not use your personal meeting ID for the meeting. It is best to use a per-meeting ID, which is exclusive to a single meeting. The support page of Zoom offers a video walk-through on how to create a random meeting ID for security.

You need to enable the "Waiting Room" feature so that you can see who is attempting to join your meeting before allowing them access. Just like other privacy functions, a skillful troll can bypass this feature, but it helps to put another hurdle in their way.

Zoom also offers a support article, to enable the Waiting Room feature, you need to go to Account Management > Account Settings. Then click on Meeting, then click Waiting Room to enable the setting.

Make sure to disable other options including the ability for others to "Join Before Host". Disable screen-sharing for nonhosts, and also the remote control function. Disable all file transferring, annotations and the autosave feature for chats.

Click on the gear-shaped Settings icon on the upper-right side of the page after you've logged in to disable most of these features. From there, you will see the option to turn off most of the listed features.

It is also important to disable screen-sharing. Go to the host controls located at the bottom of the screen, and you will see an arrow next to Share Screen. Click on the arrow, click Advanced Sharing Options. Once the meeting begins, lock the meeting to outsiders and assign a co-host to help control the situation in case anyone uninvited joins in.

Tags
Zoom, Tech, Technology, Security
Real Time Analytics