Zoom Video Communications is a remote conferencing services company. Many organizations use their product for its video conferencing, online meetings, chat, and mobile collaboration to stay in contact with remote colleagues, customers, partners, etc. Zoom drove tremendous growth at the beginning of March because of the corona-virus. It went from hosting 10 million daily meeting participants at the end of last year to over 200 million daily meeting participants this year in March. Zoom’s use has skyrocketed over the last several weeks, mostly due to the COVID-19 pandemic. Many consumers are trusting that Zoom will provide the necessary security to protect our personal information and the content of our Zoom sessions. Unfortunately Zoom’s security problems over issues of security, privacy could leave its growing audience at risk.
The corona-virus. the exposure brought an end to many of the rituals of everyday life, many people are appearing on Zoom, a video-call service across a nation almost entirely locked indoors. Zoom’s security issue was Zoom’s software was saved onto a separate online storage space without a password. The standard naming convention for every video recording, a simple online search revealed a stream of videos available for anyone to watch, download, or use for exploitation. It was revealed Zoom had quietly installed a hidden web server on user devices that could allow the user to be added to a call without their permission. And a bug discovered this week would enable hackers to take over a Zoom user’s computer, including tapping into the webcam and hacking the microphone. Zoom failed to secure many video recordings covering sensitive business matters as well as the health, welfare, and education of our families, families, and loved ones. Technical experts argue the shortcuts are a vulnerability open to hackers who could exploit them to snoop on people’s lives. Many companies made mistakes in completing their 90-day security and privacy investigations of data. However, their mistake likely happened, because of the current crisis and the increase in demand for the zoom product, which helps people stay connected in times of quarantine. Security researchers who have analyzed Zoom’s programming code say its software relies on techniques that could leave people’s computers exposed to breaches. Many schools have already defected to services based on the perceived risk which was driven, in part, specific to “classrooms”.Millions of consumers unexpectedly attending school, celebrating birthdays, seeking medical help, and sharing evening drinks with friends over Zoom during the corona-virus. a pandemic may be exposed to privacy and cybersecurity issues. Well, known Hotel Chains was impacted by security concerns. Lawsuits have been filed claiming consumer privacy data breach due to Zoom flawed security exposure.
Several security flaws affecting Zoom have been reported and the FBI announced it was investigating increased cases of video hijacking, also known as “Zoom-bombing”, in which hackers infiltrate video meetings.“Zoom-bombing” is when an uninvited person joins a Zoom meeting. This is usually done in an attempt to gain a few cruel jokes at the expense of the participants. Zoom-bombers often hurl racial slurs or profanity or share pornography and other offensive imagery.
The “does and don’t” to Protect Yourself using Zoom
Locate information that will guide you to features that could improve security would be enabled by default. Always be proactive, and make security and privacy your top priority whenever you use Zoom. The following steps can be taken to mitigate teleconference hijacking threats:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- Manage screen sharing options. In Zoom, change screen sharing to “Host-Only.”
- Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Lastly, ensure that your organization’s teleworker policy or guide addresses requirements for physical and information security.
If you were a victim of a teleconference hijacking or any cyber-crime for that matter, report it to the FBI’s Internet Crime Complaint Center at ic3.gov.
Many Consumers have questioned the security flaw, Zoom may have had no choice but to forgo security and speed up efforts and in doing so, made a terrible choice between innovation and security leading to their resulting data breach. Zoom has released guidelines for consumers on how to prevent unwanted guests from crashing video meetings and a spokesman told the Guardian it had also been working to educate its users on protections through blog posts and webinars. Increasingly consumers believe Zoom has been slow to react to security flaws, allowed features to compromise the privacy and security of users, and has potentially been dishonest (inaccurate for sure) about its level and type of video and audio encryption. Zoom had no choice but to forgo security and speed up efforts and in doing so, to correct the security flaw to safeguard to save people a few clicks before making or joining calls. zoom has acknowledged its recent security issues and is working actively to correct them. Most enterprises around the world have done security reviews of their user, network, and data center layers and confidently selected Zoom for complete deployment. Which it should not have to add fears to their ever-growing list of worries. These companies need to have in place an automated platform to analyze, identify, and remediate cloud infrastructure. This will enable organizations to securely embrace the public cloud while giving developers the freedom to innovate without exposing the business to risk.
As the COVID-19 pandemic forces millions of people to stay home, to slow the spread of the corona-virus. business is booming for Zoom, bringing more attention to the company and its consumer privacy practices. Many enterprises starting from the Senate down to the small business, are considering band using the Zoom software. Is Zoom doomed because of the encryption security issues? Zoom has layered safeguards in place to protect our consumer privacy, which includes preventing anyone, including employees, from directly accessing any data that users share during meetings, including but not limited to the video, audio and chat content of those meetings.
While there are no guarantees against data privacy during these quarantine events, there are a few ways to improve your overall privacy levels when using Zoom.
- Don’t use your Meeting ID for the meeting. Instead, use a per-meeting ID, exclusive to a single meeting.
- Enable the “Waiting Room” feature so that you can see who is attempting to join the meeting before allowing them access.
- Disable other options, including the ability for others to Join Before Host (it should be disabled by default, but check to be sure.)
- Once the meeting begins and everyone is in, lock the meeting to outsiders and assign at least two meeting co-hosts.
Wait before you go!
# Mobile Marketing