In the past few months, COVID-19's unwelcome visit has led to an increased need for social distancing and, by extension, new methods of communication within and outside the workplace.
As businesses move to online meetings, a wide array of new security challenges comes with the shift. Not least of these is “Zoombombing”.
“Zoombombing” refers to the act of infiltrating a private video conference in order to do harm or to disrupt. The perpetrators are called “Zoombombers”. While taking its name from the popular Zoom conferencing software, it has come to act as an umbrella term for security breaches of this nature.
For personal meetings, being Zoombombed is often just annoying and unsettling. But for companies, firms, businesses, corporations, and institutions, these attacks pose a real threat to sensitive information and business operations – and may have much greater repercussions. Even though Zoombombing attempts may be made against your business, there are ways to reduce your risk of such an attack and nullify threats before they begin.
Herewith, a handy Zoombomb defusal kit:
Limit the amount of data available that relates to your conference meeting
As with all cyberthreats, risk is decreased significantly if access to information is secured and limited. This means that meeting links, IDs, codes and/or passwords should only be accessible to the relevant parties. Meeting info should never be placed on public platforms where bots and other security threats lurk.
Avoid using static meeting rooms or static user addresses
Open meeting rooms, although convenient, use a static meeting address, which means that anybody with that address can enter and exit as they please. Do not consider these for meetings where sensitive information will be shared. Furthermore, many video conferencing applications allow video calling from personal addresses/IDs. These personal addresses are also static, which means that anyone with knowledge of your personal address and ID can make direct contact with you. Wherever possible, make sure to create a video meeting room that is not linked to your personal address/ID.
Avoid platforms that do not require a host
Only consider conferencing applications where you can act as host and have control over the permissions to access application functionalities. Holding permissions as the host makes it a lot harder for Zoombombers to disrupt meetings.
Disable settings that allow anyone to enter before the host
If you allow other attendees to enter your online meeting before you do, it opens the way for attendees to set up an attack that will be difficult to defuse once you enter as host.
Enable a Waiting room
Many online conferencing solutions have a ‘Waiting room’ functionality, which allows the meeting host to approve attendees before they can access a meeting. Zoombombers cannot disrupt or ascertain information from meetings to which they do not have access.
Always use password protection
A password adds a further security measure to conference calls and limits access to those who have the required key. If possible, only share passwords to meetings right before they start, to decrease the risk of a password being shared.
Never allow anyone that you cannot identify into the meeting
Zoombombers are not restricted by physical location and can perform their attacks from a wide array of places. If the name of a meeting attendee looks unfamiliar or uses characters that aren’t local, treat it as a red flag. If meeting with a client, ask in advance who will attend the meeting so that you can more easily identify users by their username. Additionally, some conferencing platforms can be set to restrict access to pre-authorised users or users that are logged in with a predetermined email tag, which also eliminates spoofed addresses from attempting entry to your meeting.
Minimise access to application features
Regardless of who attends the meeting, it is a good idea to disable any recording functionality when discussing sensitive matters. Make sure to disable any settings that allow anyone other than the host to record meetings, limiting the possibility of sensitive information being stored in a digital form.
Most Zoombombing attacks are initiated through the screen sharing functionality of conferencing platforms, where visuals and audio take over the screen. Make sure to limit screen sharing to the host, thereby minimising the risk of intrusive behaviour. Consider also limiting access to annotation and chat functionality, which may open further avenues for intrusion.
Some Zoombombers use their camera and microphone to shout obscenities, play loud music, or show graphic images. The best way to safeguard against this is to set up permissions in such a way that only the host is able to unmute attendees or show their video, at the attendees' request. Attacks like these can target even the most basic of video conferencing platforms.
Familiarise yourself with the application you use
Lastly, knowing how to kick someone from a meeting and how to remove disruptions quickly is very important, so be sure to know where these options can be found on your platform. However, if your meeting has been compromised, it is best to end the meeting speedily and create a new meeting room altogether.
Although Zoombombing is rife in our current digital landscape, with the right measures in place, you and your business never have to be the victim of intrusions into your online meetings.
This article is a general information sheet and should not be used or relied upon as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your adviser for specific and detailed advice. Errors and omissions excepted (E&OE).