KEY POINTS

• The Zoom maximum number of daily meeting participants increased from 10 million in December 2019 to 200 million in March 2020. This is an increase of 1900%.
• As many as 2,200 new domains containing the word “Zoom” were registered in March. These fictitious domains are typically used in Phishing attacks and to distribute Malware to unsuspecting victims.
• Internet Crimes can be reported to the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3).

Zoom-bombing occurs when an unauthorized individual gains access to a Zoom meeting. The unauthorized individual typically engages in lewd behavior, such as, showing their genitalia to the meeting participants or displaying pornographic images and or videos to meeting attendees.

With the majority of the global workforce teleworking, in order to reduce their chances of contracting the novel coronavirus, organizations have opted to host meetings, happy hours, and other events online via Video Teleconferencing (VTC) applications like Zoom, Microsoft Teams, and WebEx in order to connect with remote individuals. While VTC platforms are a great way to engage with remote teams, improperly deploying these solutions can open your organization to unnecessary risks. The Orange County Public School system recently learned this lesson the hard way.

In this article, we will review 5 easy steps that will significantly increase your video conferences security and ultimately make it difficult for individuals to gain unauthorized access to your video sessions. These steps can be applied to Zoom, as well as other VTC platforms.

1. Refrain from making your video conference public if possible
   When a conference room is public, it’s truly accessible to the entire world. In order to prevent unauthorized individuals from entering your conference room, the room settings should be set to private/closed. This is not done by default in most cases. The host can make a room private by either requiring a meeting password or using a waiting room feature which requires the host to approve each individual who attempts to join the meeting.
2. Manage screen sharing
   Screen sharing is a great way to collaborate with remote teams. However, this also allows anyone in the meeting to display content to the entire room when not setup properly. The Host should set screen sharing to “Host Only” and then grant sharing privileges to those who need to share with the group, as needed, in order to limit who can share the contents of their screen to the entire group.
3. Disable file sharing unless needed
   When done properly, file sharing can be a great way to collaborate and share knowledge with geographically distributed teams. Done improperly, such as in an open/public room, file sharing can allow an attacker the ability to distribute malware laced files to all meeting participants and or allow an individual the ability to access files that should not be shared with the public. It’s highly recommended that file sharing be disabled in your meeting room unless truly needed.
4. Ensure you’re using the latest version of your VTC application
   With video conferencing applications being the center of attention, due to the significant increase of VTC hijackings, companies have begun to introduce security related fixes into their latest application releases. Updating your applications in general is one of the best ways to ensure that recently disclosed vulnerabilities have been patched and your system is safe from attackers.
5. Update your Anti-virus and Anti-malware software
   When all else fails, your anti-virus and anti-malware solutions are here to prevent attackers from compromising your device. The latest updates include signatures for many of the common attacks employed by malicious individuals, thus, providing you with an additional layer of defense if you forget to apply one of the above best practices. This simple tip can be the difference between you being able to enjoy using your device vs your device essentially becoming a paper weight.

We hope that you’re able to video conference in peace during these uncertain times. O’Mard Consulting Services, LLC is here to assist if you need help implementing any of the aforementioned best practices in your video conferencing platform of choice. Don’t forget to subscribe to our mailing list to stay up to date with our latest post!

Additional VTC Security Resources:

• Zoom’s Latest Cybersecurity Measures
• Security and Microsoft Teams
• FBI Warns of Teleconferencing and Online Classroom Hijacking