Blog
Security

How to defend yourself against VTC hijacking and being Zoom-bombed. FBI Warns

April 9, 2020
5
min read

Reports of VTC hijacking also called Zoombombing are emerging with the recent influx of video-teleconferecing (VTC) as a primary form of communication during the COVID-19 pandemic.

The FBI has received several reports including video conferences being interrupted by hate-speech/images, threats and or pornographic messages.

Lately Zoom has seen a record number of user traffic and the FBI Boston Division reported two incidents at Massachusetts schools. One instance where someone hacked into a high school’s online class and another where an unauthorized user displayed racist symbols in a school’s Zoom meeting.

In light of these reports, the FBI has released several ways organizations and individuals can defend against VTC hijacking or Zoombombing on the VTC platform Zoom.

The FBI recommends exercising caution and due diligence in your company and personal cybersecurity efforts as we transition more to online conferencing.The following steps have been recommended by the FBI to mitigate VTC or Zoom hijacking threats:

  • Refrain from making meetings or classrooms public.  Zoom has two options to make a conference private:
  1. Require a password
  2. Use the waiting room feature to control guest admittance
  • Control screensharing options. In Zoom you can choose your meeting preferences to screenshare “Host Only”
  • Ensure your colleagues, family or friends have the most up to date version of the VTC software or application that you are using.  Zoom updated their software Jan 2020 including a security update where they added passwords by default for meetings and disabled the ability to scan for meetings that are available for random users to join
  • Ensure your organization has an updated telework policy or guide that addresses your company’s requirements for information and physical security

Zoom also provided an update on their blog recently to its users describing how quickly they have grown overnight due to the pandemic.

The update includes the user growth from this year to last year booming from 10 million users to 200 million users. Updates to their customer service portal including a toolkit that provides users support and training documentation on how to best use the platform. They also include a resource to help users address Zoombombing on their platform. Moving forward, the company plans on dedicating resources to identify and fix issues more proactively. This includes launching a CISO council to facilitate a continuous dialogue of privacy and security best practices.

In addition to the FBI’s report and Zoom’s blog CISA has provided more resources here.

Related Articles

Decoding Gen Z's Payment Preferences
Kubera
April 25, 2024
Transforming Banking for the Mobile-First Generation
Kubera
April 18, 2024
News
Nuvei Goes Private in Landmark $6.3 Billion Deal
Kubera
April 16, 2024
Address:
450 Southwest Marine Drive, 18th Floor
Vancouver, BC
V5X 0C3
Contact:
Toll Free: 1 (855) 458-2372
Local: 1 (604) 484-9297
Email: help@kuberapayments.com
HomeBlogContact
Kubera Payments Corporation is a business consulting firm connecting our clients to many different partners and products. Among other partners:

Kubera Payments Corporation is an authorized agent of Ignite Payments, a Fiserv company

Kubera Payments Corporation is an Elavon Payments Partner & Registered MSP/ISO of the Canadian branch of U.S. Bank National Association and Elavon

Kubera Payments Corporation is an authorized agent for Worldline, VersaPay and Authorize.net
Copyright © Kubera Payments Corporation. All rights reserved.
Privacy PolicyTerms And ConditionsCookies Policy