What Is Zoom Bombing? Immediate Steps to Protect Your End Users
FBI Warns of Zoom Bombing Trend in Teleconferencing and Online Classrooms
April 2, 2020: This week, the FBI announced a nationwide trend of malicious hijacking events taking place during Zoom video conferencing meetings, in the wake of exponential increased use of videoconferencing technology due to the COVID-19 pandemic.
This has quickly become known as “Zoom bombing.” Zoom bombing is the malicious and unauthorized disruption of a private videoconferencing event by an individual or group, often with intent to display hate images or threatening languages.
The FBI has advised that Zoom bombing is not evidence of weakness in the Zoom technology platform. Instead, it is a result of casual usage habits by the individual user, student, or employee. To avoid these hijacks, users must improve their security habits around videconferencing technology.
There has been a massive increase in registration for domain names containing “zoom” in the past three weeks. The majority of these “look-a-like” domains will be used to create phishing attacks that pose as valid meeting links.
10 Best Practices To Prevent Hijacking
Burwood strongly recommends that IT professionals share secure videoconferencing best practices with end users immediately. These are our key recommendations for preventing Zoom bombing incidents in your organization.
Use secure methods for sharing links to meetings: invite attendees directly from conference service applications or include meeting links in enterprise calendar requests. These methods are more secure than to sharing links via email.
Avoid using personal conference “rooms” or personal meeting IDs. Instead, create specific meetings requests for each meeting. By creating a unique meeting link, the link will be one-time-use only and malicious users cannot drop-in on future meetings.
Make meetings private whenever possible. Conference attendees should be specifically invited (vs. allowing anyone with the valid meeting link to connect).
Require a password from all users to join a meeting. The password should not be posted alongside the public meeting link.
Enable “waiting room” functionality to require participants to be approved by the host before joining the conferences.
Enable requirement for the host of the meeting to be present before starting the meeting for participants. This will protect against malicious users arriving before a presenter and assuming the host controls for the meeting.
Presenter controls such as screen sharing, mute controls, and abilities to eject users for conferences should be restricted to the meeting organizer and only delegated to authorized contributors when needed. Disable the ability for participants to assume the presenter role.
File transfer mechanisms should be disabled by default for all meetings to protect attendees from malware delivery. Enable this on an as-needed basis only.
Wherever possible, restrict webcam auto-enablement and video sharing from participants.
Users should NOT click on meeting request from unknown users or for meetings they are not expecting to be invited to. Malicious users will attempt to send mass emails with seemingly-valid web conference invites. URLs and links for meetings should be closely reviewed for accuracy before clicking when shared in email.
For additional tips, we recommend viewing Zoom’s official blog response including security recommendations. If you have specific concerns about your users or environment, please contact Burwood today.
About Burwood Group
Burwood Group, Inc. is an IT consulting and integration firm. We partner with Zoom, Cisco WebEx, and Microsoft Teams to create videoconferencing solutions. Our services include:
System design and integration with existing network infrastructure
Security and compliance policy development
Pre-built end user training
Integration with cloud-based file sharing
24x7 infrastructure monitoring, management, and help desk support
Learn more about our videoconferencing approach.
Burwood Group comprises 250 employees across six U.S. offices, including two 24x7 network operations centers in San Diego, CA and Normal, IL. Whether you are developing strategy, deploying technology, or creating an operational model, Burwood is a dedicated partner.
