As a result of the COVID-19 pandemic, there has been a massive increase in remote workers. This has led to certain businesses and software to get a surge in users, such as the video conferencing software Zoom. Zoom has become one of the most popular applications in the U.S., used for anything from running online classes to work meetings. The popularity Zoom has enjoyed has also made it a target for hackers and pranksters.
What’s known as “Zoom bombing” has become more frequent, which is when a Zoom meeting is hijacked or infiltrated by pranksters or hackers, often with disturbing content of a graphic or racist nature.
Here’s what you need to know about Zoom bombing:
1. Zoom Bombing Is When an Uninvited Attendee Disrupts a Zoom Meeting in Any Way
The concept of Zoom bombing is a huge security concern for the software company. Zoom is a popular service that’s considered reliable, easy to use, and according to Zoom’s website, has end-to-end encryption if connecting using the computer’s audio instead of a phone.
However, as one reviewer pointed out, Zoom doesn’t truly support end-to-end encryption, only transport encryption. That means while the video and audio content are protected from people accessing your WiFi, they are not private from the company.
It is quite easy for someone to Zoom bomb a meeting, as CNET points out. Users can search for URLs that include “Zoom.us” and find unprotected meetings that they can access, or social media pages have sometimes added links to their public Zoom meetings.
2. Some Recent Cases of Zoom Bombings Have Involved Alarming Racist, Anti-Semitic or Graphic Sexual Content
Zoom bombings have become quite alarming in the last couple of weeks. One user spoke of her Zoom meeting with Rabbis and other community members that got hijacked by people who posted Anti-Semitic messages and swastikas.
She wrote: “Really cool when your Zoom meeting with Rabbis and other members of your community gets hacked with swastikas and hate speech.”
According to local news, some virtual classes with young children have been Zoom bombed by individuals exposing themselves. In another case, on April 2, one Twitter user posted:
She wrote: “In middle of lecture to HBCU students… my screen was taken over & a mob of Zoom bombers] dropped n-word, drew swastikas, & posted porn. @Zoom FIX THIS. Last thing I need in a pandemic is to be terrorized online.”
3. The FBI Has Issued a Warning to Americans About Zoom Bombing
On March 30, the FBI’s office in Boston issued a warning about teleconferencing and online classroom hijacking during the coronavirus pandemic. It said that “reports of VTC hijacking (also called ‘Zoom-bombing’) are emerging nationwide.”
According to the statement, the FBI has received reports of meetings being disrupted by “pornographic and/or hate images and threatening language.” The FBI also provided some examples of Zoom bombing and some guidance on enhancing the cybersecurity of remote work.
4. Users Are Urged to Set Meetings to Private & Share Zoom Links Privately
There are a few things that people can do to keep their Zoom meetings more secure. The FBI provided some guidelines in their March 30 statement. They said that users should not make their meetings or classrooms public: “In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.”
They also said that the meeting link should not be posted on social media and should instead be shared directly with the participants of the meeting. Zoom also allows users to manage their screen sharing preferences, and it should be set to “Host Only.” All users should also have the latest version of Zoom downloaded.
5. Zoom Has Seen a Massive Surge in Downloads and Users Since the COVID-19 Pandemic Spread Through the U.S.
In a statement from Eric Yuan, the CEO of Zoom, the company has had a huge surge in users due to the COVID-19 pandemic. Yuan wrote that in December 2019, “the maximum number of daily meeting participants, both free and paid, conducted on Zoom was approximately 10 million. In March this year, we reached more than 200 million daily meeting participants, both free and paid.”
He added that 90,000 schools in 20 countries have “taken us up on our offer to help children continue their education remotely.”
Yuan said that the company is focused on a fix for the security concerns of Zoom bombing, and said “we recognize that we have fallen short of the community’s – and our own – privacy and security expectations.” He said that his plan over the next 90 days will be to freeze all new features so the company can focus on its privacy issues.