Hackers Zoom-bomb Online Classrooms and Meetings

(April 1, 2020) Moving your meetings and classes to Zoom as a result of COVID-19? Unfortunately, hackers are not far behind.

The Boston office of the Federal Bureau of Investigation (“FBI”) issued a warning about video-teleconferencing platforms, such as Zoom, being hacked. Dubbed “Zoom-bombing,” hackers are disrupting teleconferencing with pornographic and/or hate images and threatening language, the FBI said. For example, in the Boston area a high school reported that, while a teacher was conducting an online class using Zoom, unidentified individuals dialed into the classroom yelling profanities and shouted the teacher’s home address. In another instance, an individual hacked in, was visible on the video camera, and displayed swastika tattoos.

The FBI office offered the following steps to mitigate Zoom-bombing:

• Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
• Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
• Manage screensharing options. In Zoom, change screensharing to “Host Only.”
• Ensure users are using the updated version of remote access/meeting applications. In January, Zoom installed a security update requiring passwords as the default setting for meetings and disabling the ability to randomly scan for meetings to join.

In addition, PC Mag has an online guide on how to adjust Zoom to avoid Zoom-bombing.

If you are a victim of teleconference hijacking, report it to the FBI’s Internet Crime Complaint center at ic3.gov. If you receive a specific threat during a teleconference, report it to tips.fbi.gov.