Stopping ‘Zoombombing’ from the COVID-19 trenches
By Leon Gettler >>
ONE OF the biggest issues facing Zoom is ‘Zoombombing’. That’s when uninvited intruders break into and disrupt the meeting.
They jump into public Zoom calls and use the platform’s screen-sharing feature to project graphic content to unwitting conference participants, forcing hosts to shut down their events. Zoombombers often hurl racial slurs or profanity, or share pornography and other offensive imagery, or try to add malware to Zoom users’ computers.
Zoombombing has become a huge security and privacy issue as use of the Zoom platform surges due to an increase in coronavirus-related remote working.
Chuck White, the chief technology officer for Fornetix, the advanced encryption key management company based in Maryland USA, said it come down to digital hygiene, cyber defence and making sure the door is locked to unwanted attendees.
He concedes a lot of it is new to people using Zoom. As he sees it, they have a lot to learn.
“That’s one area where people who aren’t used to running web conferences … you have lot of people online who are not used to operating this way and I think some of it is a lack of experience,” Mr White told Talking Business.
“You used to keep your front door unlocked. So from a Zoombombing perspective, there are drives of people coming online using Zoom to collaborate and not taking appropriate steps to lock the door.
“A lot of it is a community who would not think a tool like Zoom could be abused this way.”
LOCK THAT ZOOM DOOR
Mr White said Zoom users should take a number of steps to ensure the door remains locked.
First and foremost is to make meeting private. He cited one example of people taking about the Zoom conference coming up and even putting a link.
Facebook is not the most private platform in the world. The same applies for those who put details about the Zoom meeting on a website.
Other security steps are to schedule the meeting and to invite attendees with email. The meeting should also have a password.
If a Zoombomber does enter the meeting, it is important to limit screen sharing and use of video.
Another good idea is to have someone monitoring the meeting to make sure everything is going to plan and who can remove the intruder. If all else fails, shut down the meeting.
UNDERSTAND CYBER DEFENCE
The issue is whether employees on remote teams understand cyber defence when they are not trained to use it.
“When it comes to someone who doesn’t work in this day in and day out, you’d want to teach them three to four things: keep it private, have a chaperone, kick people out and if you lose control, kill the meeting,” Mr White said.
As a former army officer, he said it is always a case of keeping it “infantry proof” and these are exactly the instructions handed down to his team at Fornetix,
“That cyber hygiene is critical because attackers will take advantage of people making mistakes,” Mr White said.
“If you can train for that appropriate posture where it becomes second nature, freedom through discipline, to prevent these things from happening, you’re going to make it much more difficult for an attacker to take advantage of a populace that’s vulnerable.”
Hear the complete interview and catch up with other topical business news on Leon Gettler’s Talking Business podcast, released every Friday at www.acast.com/talkingbusiness.