zoom phone

Video Conferencing Software Zoom Faces Scrutiny Over Hacks, Abusive Behavior During Meetings

The spread of “Zoombombing,” or hijacking a meeting room with abusive images or speech, has grown in scope as more Americans turn to teleconferencing for classroom instruction and workplace meetings.

As more Americans use video conferencing software to connect with coworkers, friends and family during the COVID-19 pandemic, one of the most popular platforms, Zoom, has faced several complaints from customers who have had their conferences “hijacked” by hackers.

The practice, also referred to as “Zoombombing,” has happened with several virtual classrooms and workplace meetings that did not have password protections for the meeting room and had their meeting room links available online.

The FBI’s Boston office issued a warning this week about the potential for hijacking after receiving several reports of “conferences being disrupted by pornographic and/or hate images and threatening language.”

One school in Massachusetts reported an incident where an unidentified individual dialed into the classroom, yelled a profanity and shared the teacher’s home address in the middle of the meeting. Another teacher reported that an unidentified individual appeared in their Zoom meeting room with visible swastika tattoos.

“As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity effort,” the warning reads.

In a press statement, Zoom has said that it takes the security of its software seriously and that employees are “deeply upset” to hear about these types of attacks.

“For those hosting large, public group meetings, we strongly encourage hosts to review their settings and confirm that only the host can share their screen,” the company, which has faced criticism for cybersecurity issues in the past, said. “For those hosting private meetings, password protections are on by default and we recommend that users keep those protections on to prevent uninvited users from joining.”

The questions around Zoom’s cybersecurity practices and use of personal data have been escalated by Sen. Richard Blumenthal (D-Conn.). The senator sent a letter to Zoom CEO Eric Yuan on Tuesday to seek information on Zoom’s protections against security threats and “abuse” of its services.

“The millions of Americans now unexpectedly attending school, celebrating birthdays, seeking medical help, and sharing evening drinks with friends over Zoom during the Coronavirus pandemic should not have to add privacy and cybersecurity fears to their ever-growing list of worries,” Blumenthal wrote.

New York Attorney General Letitia James sent a similar letter this week. Blumenthal has requested answers to his questions, which include inquiries about Zoom’s collection of personal data, use of “end-to-end encryption,” and policies against abusive behavior, by April 14.

In the meantime, users can report incidents of Zoombombing to the company so staff can take “appropriate action,” the company said. Victims of teleconference hijacking or any cyber crime can report it to the FBI’s Internet Crime Complaint Center. The FBI offered other tips on preventing Zoombombing, including not sharing links to meeting rooms on unrestricted social media posts where trolls and hackers can find them.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • Securing the Flow of Operations

    The transportation industry is a complex and dynamic environment where efficient management of physical keys, vehicles and shared devices is critical to ensuring smooth operations, reducing costs and maintaining security. Every day, more transportation facilities are using modern electronic key and asset management systems to better secure, audit and manage the important assets that keep operations running smoothly. Read Now

  • Today's Enterprise

    Protecting servers and data has evolved rapidly over the past 15-plus years. Early on, concerns centered around the environmental conditions of where servers were housed within a building and the effects of humidity, temperature and air quality on their performance. This led to a better understanding of the need for a controlled environment to maximize equipment lifespan and capacity. It was also a driving force behind consolidating servers in a common space, i.e., the data center. Read Now

  • Study Proves It: Security Awareness Training Reduces Phishing Attacks

    Attackers are increasingly targeting human-based vulnerabilities to infiltrate organizations. Humans have direct access to insider systems and data – any threat actor can easily phish users, steal their credentials and secure keys to the kingdom without having to fight advanced cybersecurity defenses. Studies show social engineering attacks and human errors are behind 68% of all breaches.  Read Now

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3