Multiple Security Risks of Using Zoom Have Been Discovered

Zoom, the video conferencing platform, has been a lifeline for businesses and organizations during this unprecedented time of quarantine and isolation. The popular application has become a target for cybercriminals as more and more people use the service for social gatherings and business meetings.

One may not think that the casual conversations people have over Zoom for social purposes would catch the attention of hackers, but each of the hundreds of millions of users are at risk regardless of their purpose of being on Zoom. That being said, there are certain customers that have been affected the most from these threats. Organized groups centered around religion or personal associations have been targeted for “Zoombombing” and other disruptive behaviors, which is described further down. In addition, government organizations such as the Center of Disease Control are at risk of having sensitive information recorded or leaked.

The company has also been in hot water due to sharing personal information with Facebook and is currently facing a class action lawsuit for not “properly informing users”. Apparently Zoom has ceased this connection with Facebook, but lawsuits are still ongoing.

Over 500,000 accounts are being sold on the dark web for less than a penny according to an article from CNet. Zoom users should change their passwords frequently to prevent cyber criminals from getting into their accounts.

Multiple organizations are beginning to ban or limit Zoom use such as Google, some school districts, the U.S. Senate, and the Pentagon. The CEO of Zoom, Eric Yuan, has made brief comments on the security risks and recently enacted a 90-day freeze on new operations to focus on fixing the issues at hand, according to an article from Forbes.

Zoombombing

Zoombombing is a form of cyber harassment by which hackers overwhelm users with offensive words or material, including slurs and pornographic images. As mentioned earlier, social groups have received the grunt of this act. According to Forbes, there have been reports of Zoombombing at “Alcohol Anonymous meetings, synagogue services, and doctoral dissertation defenses”.

How to Stay Safe

The FBI issued a guide to avoiding these cyber attacks because of how prevalent they have become. The following list summarizes their suggestions:

  • Keep meetings private by requiring a password or using the waiting room feature
  • Only share meeting links directly to specific people, not on public platforms
  • Set screensharing to “Host Only”
  • Make sure all users are on the most updated version of Zoom
  • Make sure your organization’s telework policy addresses requirements for physical and information security

Visit our blog to read more articles on cybersecurity and IT tips.