zoom phone

Video Conferencing Software Zoom Faces Scrutiny Over Hacks, Abusive Behavior During Meetings

The spread of “Zoombombing,” or hijacking a meeting room with abusive images or speech, has grown in scope as more Americans turn to teleconferencing for classroom instruction and workplace meetings.

As more Americans use video conferencing software to connect with coworkers, friends and family during the COVID-19 pandemic, one of the most popular platforms, Zoom, has faced several complaints from customers who have had their conferences “hijacked” by hackers.

The practice, also referred to as “Zoombombing,” has happened with several virtual classrooms and workplace meetings that did not have password protections for the meeting room and had their meeting room links available online.

The FBI’s Boston office issued a warning this week about the potential for hijacking after receiving several reports of “conferences being disrupted by pornographic and/or hate images and threatening language.”

One school in Massachusetts reported an incident where an unidentified individual dialed into the classroom, yelled a profanity and shared the teacher’s home address in the middle of the meeting. Another teacher reported that an unidentified individual appeared in their Zoom meeting room with visible swastika tattoos.

“As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity effort,” the warning reads.

In a press statement, Zoom has said that it takes the security of its software seriously and that employees are “deeply upset” to hear about these types of attacks.

“For those hosting large, public group meetings, we strongly encourage hosts to review their settings and confirm that only the host can share their screen,” the company, which has faced criticism for cybersecurity issues in the past, said. “For those hosting private meetings, password protections are on by default and we recommend that users keep those protections on to prevent uninvited users from joining.”

The questions around Zoom’s cybersecurity practices and use of personal data have been escalated by Sen. Richard Blumenthal (D-Conn.). The senator sent a letter to Zoom CEO Eric Yuan on Tuesday to seek information on Zoom’s protections against security threats and “abuse” of its services.

“The millions of Americans now unexpectedly attending school, celebrating birthdays, seeking medical help, and sharing evening drinks with friends over Zoom during the Coronavirus pandemic should not have to add privacy and cybersecurity fears to their ever-growing list of worries,” Blumenthal wrote.

New York Attorney General Letitia James sent a similar letter this week. Blumenthal has requested answers to his questions, which include inquiries about Zoom’s collection of personal data, use of “end-to-end encryption,” and policies against abusive behavior, by April 14.

In the meantime, users can report incidents of Zoombombing to the company so staff can take “appropriate action,” the company said. Victims of teleconference hijacking or any cyber crime can report it to the FBI’s Internet Crime Complaint Center. The FBI offered other tips on preventing Zoombombing, including not sharing links to meeting rooms on unrestricted social media posts where trolls and hackers can find them.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Leveraging IoT and Open Platform VMS for a Connected Future

    The evolution of urban environments is being reshaped by the convergence of Internet of Things (IoT) technology and open platform VMS. As cities worldwide grapple with growing populations and increasing operational complexities, these integrated technologies are emerging as powerful tools for creating more livable, efficient, and secure urban spaces. Read Now

  • Securing the Future

    Two security experts sit down with Security Today’s editor in chief Ralph C. Jensen to discuss what they see emerging and changing over the next several years along with how security stakeholders can harness these innovations into opportunities. Read Now

  • Collaboration Made Easy Using a Work Management Platform

    Effective collaboration between security operators, teams and other departments is critical to the smooth functioning of organizations. Yet, as organizations grow in complexity, it becomes more difficult for teams to coordinate with each other. This is compounded by staffing shortages, turnover and ineffective collaboration tools. Read Now

  • Creating a Safer World

    Managing and supporting locks and door hardware within a facility is a big responsibility. A building’s security needs to change over time as occupancy and use demands evolve, which can make it even more challenging. Read Now

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.