How to secure Zoom Meetings from Zoom-Bombing attacks?
Zoom Communications Inc. has been facing a backlash as a result of the COVID-19 pandemic. Hackers have targeted the videoconferencing service because of its popularity, leading to a warning to consumers from the FBI about so-called “Zoom-Bombing” incidents. A lawsuit filed on Monday in California claims Zoom US: ZM allegedly gave users’ personal data to Facebook Inc. US:FB and other outside companies without fully informing customers.
The backlash prompted Zoom Chief Executive Eric Yuan to address some privacy criticisms in a blog post late Wednesday. Zoom currently has “a much broader set of users who are utilizing our product in myriad unexpected ways,” he said, while acknowledging that the company has “fallen short of the community’s – and our own – privacy and security expectations.”
Yuan said that Zoom has patched up flaws recently identified by a security research, clarified its privacy and encryption policies, and altered education-oriented Zoom plans so that, by default, instructors are the only ones who can share their screens.
As the coronavirus outbreak forces hundreds of millions of people to stay home, meetings have moved to online video conferences en masse using platforms like Zoom. But hackers have spotted an opportunity.
Zoom, which ballooned from 10 million users in December to over 200 million users today, is increasingly a target for trolls. "Zoom bombing" is becoming widespread, with intruders joining meetings uninvited to pester classrooms, events, and even Alcoholics Anonymous meetings.
The FBI has even issued a warning about Zoom bombing, advising people to up their security to avoid the attacks. Zoom announced on Thursday that it would put a 90-day freeze on new features in order to focus on bolstering the platform's security.
In order to find Zoom calls to join without an invite, hackers are using an online tool called zWarDial, according to a new report from cybersecurity researcher Brian Krebs. Every Zoom meeting has a unique meeting ID, and zWarDial is an automated tool that guesses IDs until it finds one that works. If there's no password on a meeting, the intruder will be instantly added to the call.
The only way to protect against such intruders is to set a password for the meeting. While Zoom says passwords are now enabled by default for new users, enterprise clients like schools and businesses may not have this setting enabled.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.