Video conferencing has gone from a “nice to have” to a “must have” due to millions of people now working and learning from home due to COVID-19. In order to continue operating, companies, schools, and other organizations have had to rely on online meeting software like Zoom, Skype, and Cisco Webex.
While these applications aren’t new, they’ve come under new scrutiny due to something called “Zoom Bombing,” which exploits inherent security risks in video conferencing applications.
On March 30, 2020, the FBI’s Boston office warned of online meeting hijacking that is going on during the COVID-19 pandemic. They noted an incident in which a high school was doing online learning and had their Zoom classroom meeting accessed by an unauthorized visitor that shouted profanity.
Employees without remote support to help when they’re undergoing a similar incident, might not know what to do. We’ll go through exactly what this new “Zoom Bombing” trend is and the steps you can take to ensure it doesn’t happen during your online meetings.
Why is Zoom Bombing Happening & What is It?
The term “Zoom Bombing” refers to a person joining a video conference meeting that isn’t supposed to be there. They join specifically for the purpose of disrupting the meeting.
Things that can happen during one of these incidents include:
- Someone taking over the screen and showing profanity or other inappropriate content
- Someone showing up on video wearing inappropriate or offensive clothing
- Someone shouting profanities or just yelling over other participants to cause disruption
The name puts together Zoom, which is one of the most popular video conferencing software tools used for online meetings, and the term “bombing” similar to “photo bombing” where a person purposely gets into someone else’s photo.
It’s important to note that Zoom isn’t the only video conference application that “Zoom Bombing” can happen on. If you don’t secure them properly, any online meeting tool can have the same thing happen.
Zoom, however has been the software in the news and it’s also been found to have zero-day vulnerabilities that have allowed hackers to do more than just ruin a meeting, such as getting their hands on a user’s Windows login credentials.
Why Am I Just Hearing About This Now?
While this type of unauthorized access could have happened any time before the COVID-19 outbreak, the pandemic has people using video conferencing software at unprecedented levels due to “stay at home” orders impacting over 95% of Americans.
Additionally, the makers of Zoom and other business-focused meeting software weren’t prepared for large numbers of consumers using their platforms.
These things resulted in more meetings to “bomb” and many bad actors out there with nothing else to do. Now Zoom and other software makers are playing catch up.
Tips for Securing Online Meetings
Many have used Zoom, Skype, and other online conferencing software for years without giving the security much thought. But all it takes is one unauthorized person accessing a company or client meeting to bring those security risks into the light.
Here are several things you can do to ensure you’re not a victim of “Zoom Bombing” during your online meetings.
Use a Meeting Password
It may take one extra step but adding a password to your meeting that attendees need to enter can stop an unauthorized person from joining.
This isn’t usually something that’s defaulted when you schedule a meeting, so check the meeting setup settings and click the option on to require a meeting password.
Check Security and Privacy Settings
You have a variety of security and privacy settings within tools like Zoom, Skype, and others. Make sure to explore those settings and turn features on to reduce the options that users can take without permission.
These include things like:
- Ability to screenshare
- File sharing capabilities
- Ability to join a call before the host
- Ability to record the meeting
Lock the Meeting Once Everyone is There
Zoom has a feature that allows you to lock the meeting and keep anyone else from joining.
After everyone is there, click Participants at the bottom of the window and in the popup box there will be an option to “Lock Meeting.” Even if attendees have the meeting ID and password, they won’t be able to join once locked.
Be Careful Where Meeting Details are Posted
It’s not a good idea to share meeting login details on public platforms like social media. It’s best to send the login details to each person individually, rather than post them in one public area where they could be found by someone looking to Zoom Bomb.
Have a “Helper” Keep an Eye on Participants
If you’re the one hosting a meeting, it’s not easy to also keep an eye on any participants that may be joining to see if there’s an unwanted party included.
Have a helper or co-host keep watch on the participants and make sure they match your authorized guest list for the meeting.
Keep Your Remote Employees Secure with Help from Unbound Digital
Whether you need help securing online meetings or home connections to business apps, our experts can ensure your remote team is secure.
Contact us today to schedule a free remote security consultation. Call 423-335-2461 or reach us online.