Idealogical Systems Inc.

‘Zoom-Bombing’: Using ZOOM for virtual meetings while you Work From Home? You could be at risk

April 09, 2020 | Tips & Tricks, Logical Talk, Helpful Advice, Cyber Security

‘Zoom-Bombing’: Using ZOOM for virtual meetings while you Work From Home? You could be at risk

COVID-19 is slowing down the majority of us, but one industry that keeps getting stronger and being successful even during a global pandemic is the Industry of Cyber Attacks. As keeping businesses safe remotely gets challenging, the hackers are leaving no stone unturned to take advantage of your vulnerabilities. One of the many examples of such an incident is the recent Zoombombing attack.

Wondering what is Zoombombing and how it can affect your security? You are on the right page, read along.

What is Zoom? How it works?

Zoom Meetings is a popular cloud-based video conferencing application, primarily used by businesses to host remote meetings with colleagues, clients and partners who are not located in the same office as you.

What is Zoom-Bombing?

When a hacker gains access to your live call while you are on Zoom is called Zoom-bombing. These hackers join your zoom calls like any other participant on the call and share their screens to bombard real attendees with disturbing or distracting content. Most attacks exploit publicly available Zoom links, but some private meetings may also be vulnerable.

When was the recent Zoom-Bombing incident?

Although Zoom bombing attacks have been around for a long time, the frequency of attacks increased in the last two months. Likely so as the worldwide number of Zoom meeting participants for March 2020 has increased to 200 million from just 10 million last year.

But, over the past few week, when the hackers starting attacking multiple LIVE online classroom session and companies like The Information is when Zoom-Bombing as a form of cyber-attack was picked up by the North American media.

How can I protect myself from Zoom-Bombing?

  • Avoid using your Personal Meeting ID (PMI) to host public events. Your PMI is essentially one continuous meeting, and people can pop in and out all the time. Learn about meeting IDs and how to generate a random meeting ID. Link to Official Full video tutorial.
  • Familiarize yourself with Zoom’s settings and features. Understand how to protect your virtual space when you need to. For example, the NEW Waiting Room feature is helpful for hosts to control the in-and-out traffic of the call.
  • Always have a team member as the ‘host' of the call whose only job should be to monitor the participant activities on the LIVE call vigilantly. This will give you an added layer of security and will let you continue your meetings without any disruptions.

Here are some more tips to protect you from Zoom-Bombing

  • Restrict member entry: If someone tries to join your event and isn’t logged into Zoom with an invited email account, they will be forced to authenticate their credentials.
  • Set up a password: A password adds an additional layer of security, one that may be useful for meetings outside of regular meeting hours. You may wish to share the password directly with your participants over an email.
  • Remove unwanted or disruptive participants: From the same “Participants” menu, hover your mouse over a participant’s name. Several options will appear, including “Remove.” Click that to kick someone out of the meeting.
  • Allow removed participants to rejoin: When you do remove someone, they can’t rejoin the meeting. But you can toggle your settings to allow removed participants to rejoin, in case you boot the wrong person.
  • Disable attendees’ video: Hosts can turn anyone’s video off. This will enable them to block unwanted, distracting, or inappropriate gestures on video.
  • Mute participants: Hosts can mute/unmute individual participants or all of them at once to block unwanted, distracting, or inappropriate noise. You can also enable Mute Upon Entry in your settings to reduce confusion in large meetings.
  • Turn off file transfer: In-meeting file transfer allows participants to share files through the chat interface. Toggle this off to keep the chat from getting bombarded with unsolicited images, GIFs, or other files.
  • “Lock” the meeting: When you lock a Zoom Meeting that’s already started, no new participants can join, even with an approved meeting ID and password. During a meeting, click “Participants” at the bottom of your Zoom window. In the Participants pop-up, click the “Lock Meeting” button.
  • Turn off annotation: You and your attendees can annotate a screen share to mark up content. You can disable the annotation feature in your Zoom settings to prevent disruptive misuses of this feature.
  • Disable private chat: Zoom has an in-meeting chat for everyone, but participants can also message each other directly. Restrict participants’ ability to chat privately while your event is going on to limit distractions that may reduce engagement by participants.

While there are other tools like Google Hangout and Microsoft Teams, we would recommend continuing to use Zoom because of its advance features, HD audio-video and easy usability. But like any other external tool, you have to be extra careful.

Share this page with your colleagues, family and friends who are currently working from home and use the Zoom calling application.

Our recent blog post on Work From Home Guide For Employees could also help you be more aware and vigilant while you work from during the coronavirus pandemic. 

Back to all blogs