Zoom Comes Under Scrutiny Because of the “Zoombombing” Attacks Amid the Pandemic Outbreak

IBL News | New York

The interruption Zoom video meetings with inappropriate content, known as “Zoombombing”, has become a widespread practice, amid the coronavirus outbreak.

A simple search on Twitter of #zoombombing provides an idea of how annoyed is the educational community with this kind of attack. Complains about lack of action of the Zoom corporation, along with demands to the uprising startup to create an urgent solution, are everywhere.

The magnitude of the problem is reflected in this testimonial that arrived at the IBL News desk.

Yesterday we had the first online workshop (using Zoom, not using the Webinar mode). We plan ahead, we had a system set up to answer questions, mentors answering those questions, etc, etc. After 30 minutes of the event, we got attacked by trolls that rush into the channel and started to curse, insult the host and participants, writing racist/misogynistic/homophobic things on the chat, etc, etc, etc. It was a really shitty situation, but everyone managed to go forward by locking the meeting and start removing trolls one by one. This seems to be a problem that many people are suffering, and I know some solutions like providing a password, but still, once one malicious person gets the password, the whole event can go to the trash if not properly handled. Besides choosing a platform to go online, we need to have an action plan in case of this kind of attacks, Maybe having an admin on each “online room” with some procedure in case of emergency will be enough, but still, I guess we should try to find a solution to the problem before having the event.

In the last weeks, during the pandemic, Zoom’s popularity has skyrocketed as millions of homebound people have settled into new remote work and learning routines. The platform has been used for everything from business meetings and yoga classes to virtual happy hours. But the increased use of Zoom, along with the free versions of Zoom, has brought more opportunities to hack into it, spewing hate speech and showing porn.

Unlike other types of cyberattacks, hacking into a Zoom meeting can be relatively easy if certain security settings aren’t turned on, experts say. Zoom invites often are posted on social media to increase attendance, which can make them more vulnerable. Some argue Zoom’s default settings could be more secure.

On Monday, New York State Attorney General, Letitia James, questioned the videoconferencing tool Zoom about its privacy and security policies. She sent a letter to Zoom asking what security measures it has put in place to deal with the increased traffic. The New York Times, which obtained a copy of the letter.

Zoom has come under scrutiny because of “Zoombombing.” Professionals, teachers and faculty members have reported people who have accessed their Zoom conferences and yelled profanities, showed pornography or displayed racist or anti-Semitic images.

On Sunday, Zoom said in a blog post that it has implemented safeguards to protect our users’ privacy, “which includes robust and validated controls to prevent unauthorized access to any content that users share during meetings.” However, these policy changes have not stopped the attacks, according to the experts.

Last week, the FBI release the following recommendations for how to handle “Zoombombing.”

  • Don’t make meetings public. Zoom lets users make meetings private by requiring a meeting password or using a waiting room feature to control who’s admitted.
  • Don’t share a link to the meeting on a public social media post. Send the link to people directly.
  • Change the screen-sharing option in Zoom to “host only.”
  • Ask people to use the latest updated version of Zoom.
  • Ensure your organization’s telework policy addresses requirements for information security.

On the other hand, two psychology instructors at the University of California, Riverside (URC), shared 35 how-to Zoom tutorials for teaching colleagues with this tool.

CNN: Zoom faces questions over privacy