
Zoom bombing – a dangerous gateway


The boom in the video conferencing software Zoom continues, despite various data protection incidents. So-called Zoom bombing has increased dramatically, be it for mere mischief or for criminal purposes. Zoom bombing is a dangerous gateway for cyber attacks, especially for companies.


The term Zoom bombing means that an unwanted guest joins a Zoom conference, for example because they know the meeting ID (a meeting ID from a previous meeting may have been reused).

A serious problem for companies too

Zoom bombing also poses a significant security risk for companies, especially if it happens unnoticed. Zoom bombers can, for example, discreetly enter a Zoom conference and take screenshots of confidential screen shares or save video and audio recordings from the meeting. The information collected can then be used by cybercriminals, for example, for phishing or spear phishing attacks.

“Most Zoom bombing incidents can be prevented with a little care on the part of the user,” says Malwarebytes security chief John Donovan. “Anyone using Zoom or other web conferencing software is strongly advised to review their conference settings and minimize permissions for other conference participants.”

Tips for protecting against Zoom bombing

The security researchers at Malwarebytes offer the following specific tips for protection.

Use a unique meeting ID: The use of a personal ID for meetings should be avoided because it is like an open door: anyone can look in at any time. Admittedly, it is user-friendly because it is convenient and easy to remember. However, if a Zoom bomber knows the personal ID, they can “drop by” at meetings at any time or distribute the ID for criminal purposes. Therefore, a unique, newly generated meeting ID should always be used.

Set a password for each meeting: Even a unique meeting ID can be passed on to someone outside the organization, or it could have been intercepted by cybercriminals. Adding a password to every meeting is therefore another useful layer of security.

Allow only logged-in users: With this security setting, it doesn’t matter whether Zoom bombers know the meeting ID, or even the password. This setting requires that all users are signed in to Zoom with the email address that was invited.

Activate the waiting room: With the “Waiting room” setting, the meeting only begins when the host arrives and adds all participants to the meeting. Participants cannot communicate with each other while in the waiting room. The host of the meeting thus has the opportunity to manually check who can attend the meeting and to identify uninvited guests.

Turn on the beep when users join or leave the meeting: The beep not only gives a reason to embarrass late users, but also ensures that no one can join a meeting without being noticed. The beep is normally switched on by default. This should definitely be checked again in the settings.

Close the virtual meeting room as soon as the meeting has started: As soon as all expected participants have arrived, the virtual meeting room should be closed.

Limit screen sharing: Before the meeting begins, screen sharing should be restricted to the host. During the meeting, further participants can then be granted the authorization manually, as required.

Many of the tips also apply to other video conferencing tools. The security researchers at Malwarebytes strongly recommend taking appropriate security precautions in the settings, regardless of whether Zoom or another video conferencing tool is used. Often, these settings can also be defined for an entire organization, thus preventing cyberattacks.

Source: Malwarebytes
