Zoom bombing - a dangerous gateway
The boom in Zoom video conferencing software continues - despite various data protection incidents. So-called Zoom bombing has increased dramatically, whether for pure mischief or for criminal purposes. Zoom bombing is a dangerous gateway for cyber attacks, especially for companies.
The term Zoom Bombing means that an unwanted guest joins a Zoom meeting by either knowing the Zoom meeting ID number (for example, because a Zoom meeting ID from a previous meeting is reused).
A serious problem for companies as well
Zoom bombing also poses a significant security risk to organizations, especially when it happens undetected. For example, zoom bombers can discreetly enter a zoom conference and take screenshots of confidential screen shares or secure video and audio recordings of the meeting. The collected information can then be used by cybercriminals for phishing or spear phishing attacks, for example.
"Most Zoom bombing incidents can be prevented with a little care on the part of the user," said Malwarebytes security chief John Donovan. "Anyone using Zoom or any other web conferencing software is strongly advised to review their conferencing settings and minimize permissions for other conferees."
Tips to protect against zoom bombing
Malwarebytes security researchers have the following concrete tips to protect yourself.
Use of a unique meeting ID: Using a personal ID for meetings should be avoided because it is like an open door - anyone can walk in at any time. Granted, it is user-friendly because it is convenient and easy to remember. However, if a zoom bomber knows the personal ID, they can "drop in" on meetings at any time or spread the ID criminally. Therefore, a unique, newly generated meeting ID should always be used.
Set a password for each meeting: Even a unique meeting ID may have been passed on to someone outside the organization or tapped by cybercriminals. Adding a password to each meeting is therefore another useful layer of security.
Allow only logged in users: With this security setting, it doesn't matter if Zoom bombers know the meeting ID - and even the password. This setting requires that all users are logged into Zoom with the email they were invited through.
Activate waiting room: With the Waiting Room setting, the meeting does not begin until the host arrives and adds all participants to the meeting. The participants cannot communicate with each other while they are in the waiting room. This gives the meeting host the opportunity to manually double-check who can join the meeting and identify uninvited guests.
Activate the beep when users join or leave the meeting: The chime not only gives a reason to embarrass users arriving late, but also ensures that no one can join a meeting unnoticed. The chime is normally turned on by default. This should definitely be checked again in the settings.
Closing the virtual meeting room once the meeting has started: As soon as all expected participants have arrived, the virtual meeting room should be closed.
Restricting screen sharing: Before the meeting begins, screen sharing should be restricted to the host. During the meeting, additional participants can then be granted permission manually, as needed.
Many of the tips also apply to other video conferencing tools. The security researchers at Malwarebytes strongly recommend taking appropriate security precautions in the settings - regardless of whether Zoom or another video conferencing tool is used. Often, this can be set across an entire organization to prevent cyberattacks.
Source: Malwarebytes
