The Ultimate Zoom Security Guide for Meeting Hosts – Pt 1
In the last four months, the Zoom userbase has exploded from 10 million to 200 million users. With some of the biggest companies and government organizations in the world using zoom, and countless smaller businesses, the temptation for hackers has been just too much. This once-consumer-focused platform has been the target of some serious hacking.
Zoom-bombing, once a relatively small problem on the platform, has become the go-to way for hackers to get their jollies and collect phishing material. You may have already been a victim of zoom-bombing or have seen reports or know someone who has been in a bombed meeting. These attacks are not just intrusive and disruptive; they’re also a risk to company information and information privacy.
So today, we’re here to give you the answers. We’ll lay out what zoom-bombing really is, how it’s done, and how meeting hosts can protect their meetings and attendees from these despicable crisis-opportunist attacks.
What is Zoom-Bombing?
Zoom-bombing is when a hacker accesses your meeting without permission, then bombards the meeting with hateful or offensive video. They may scream, play loud music, post pornographic videos, and attack people in the meeting. If the meetings’ settings are too open, they will be able to take over the screens of every participant to show their disruptive content designed to upset.
At the same time, hackers gain access to everything available in the meeting. The names or usernames of attendees and the host, the organization name, shared documents, shared data on screens, and any details written into the meeting description. For phising purposes, they can use this information along with screenshots and video-captures of real people to steal identities later on.
– Zoom-Bombing is Done with Meeting-IDs for Password-Free Meetings
How is zoom-bombing done? By scanning for meeting IDs that aren’t password protected. One of the reasons zoom-bombing has become such an overwhelming problem is because there is a program called zWarDial. Because Zoom meeting Ides are a 9-11 digit sequence of numbers, zWarDial just tries an infinite number of combinations until it finds one, resulting in about 100 meetings accessed per hour, per instance of the program. Combined with Tor, they can even still circumvent Zoom’s defenses against multi-scanning.
So let’s dive into how to stop these attacks in their tracks:
Assign a Password for All Meetings
The first, best thing you can do to protect your meetings from zoom-bombing is to add a password. zWarDial doesn’t work with meetings that are password-protected, and even a very simple password will stop hackers from automatically dialing up your meeting.
– New Meeting – Don’t Uncheck the Box
When you make a new meeting, Zoom has ensured that the password box is checked by default. Your password is then default-set to a sequence of six random numbers. Keep the check-box, change the password. Zoom has made it easy for new meetings to keep themselves safe in this way.
– Old Meeting – Add a Password
If you have a meeting that’s been ongoing on-and-off for a few months or a year+, check the settings. Make sure there is a password and, if there isn’t, add one. One of the remaining loopholes in Zoom’s new security policy is old ‘legacy’ meetings that need to be individually updated to include a password.
– Compose a Strong Password
Don’t use Zoom’s default digit password. We already learned that random digits of a specific length could be computer-hacked, and some hacker is going to try when no-password meetings become too rare. A great password technique is to write a funny sentence, then turn it into an acronym, then add some number-symbol replacements.
– Email the Password to Participants
Once you’ve made the password, email it privately to your participants. This way, each person who is meant to join will be the only people with access to the meeting.
Set Screen Sharing to Host-Only
Screen sharing is the second big problem with zoom-bombing. The bombing aspect of the maneuver, in fact, often centralizes on the ability to take over the screens of others to show a larger version of the hacker’s selected bombing material. Screen-sharing is a surprisingly risky feature if you don’t individually know and share a mutual respect with everyone in the meeting. Hackers, if allowed, will use screen-sharing to post disruptive videos, music, and images.
Stop them by going into your screen-sharing settings. In the meeting, go to Screen Sharing, then Advanced Settings. There, you can set the sharing-settings to host-only. This means only you, the host, can share your screen.
You can also assign this setting to all meetings by default by exploring your platform meeting host settings.
Keep Your Client Updated & Watch Out for Malware Traps
Zoom is constantly providing updates to increase the security and performance of their meeting platform. Staying safe means downloading each client, keeping your clients up-to-date, and not falling for malware spoofs.
– Only Download or Update Zoom from Zoom.us
Hackers, right now, are using fake Zoom update alerts and download links to trap those trying to work from home. When you download or update Zoom, be sure to only access Zoom.us, the official website for the platform. Zoom is the only developer of Zoom updates, and they only provide downloads through their own domain.
– Avoid Any Unsolicited Zoom Updates or Offers
If you see a pop-up telling you that Zoom needs to be updated, do not click it. If you see an ad offering Zoom packages, don’t buy it. Zoom doesn’t offer updates or downloads in this fashion. Hackers are trying all sorts of chicanery to convince Zoom-users to compromise their computers and data. They’ve already caught more than a few users with these fake upgrade alerts.
– Report Malicious Activity
If you do identify a false Zoom advert, find someone to tell. Tell your team. Take a screenshot and post it on the internet so others know what the malware-Zoom attempts look like. If your company has a malware management procedure, get involved. The more these hackers and hacking methods are exposed, the less freedom they have to operate.[Continued in Part 2