Zoom-Bombing: A Threat Many Professionals Aren’t Aware Of, But Need to Safeguard Against

The Coronavirus Pandemic is Encouraging Everyone to Adopt New Ways of Learning, Interacting, and Working Together. Zoom is one of the Many Video Conferencing Solutions Out There That’s Seen a HUGE Increase in Users.

Zoom-Bombing: A Threat Many Professionals Aren’t Aware Of, But Need to Safeguard Against

The Coronavirus Pandemic is Encouraging Everyone to Adopt New Ways of Learning, Interacting, and Working Together. Zoom is one of the Many Video Conferencing Solutions Out There That’s Seen a HUGE Increase in Users.

Zoom, a video conferencing software, has seen a massive increase in users since social distancing and shelter-in-place orders have been imposed around the world. Right now, millions of business professionals and individuals are taking advantage of the software for meetings, social gatherings, and get-togethers – all without leaving the house. So first, let’s take a look at the software. Here’s how it works:

  • Zoom is a video and audio conferencing tool that allows for up to 1,000 participants to get together with tools like recording meetings, screen sharing, and more.
  • Zoom offers four price tiers with varying call bandwidths, but given the current circumstances, they have removed the 40-minute time limit on the free plan for schools.
  • Zoom can be joined via the website or a meeting invitation that prompts you to download and run the application or you can dial-in via the phone number.

Pretty straightforward, right? It’s an incredibly easy-to-use software that makes good business sense right now. But is it safe? Zoom meetings are, unfortunately, open to hijacking like any other video conferencing software out there. It’s known as zoom-bombing: a form of hijacking wherein hackers gain access to your meetings.

Zoom Bombing Manchester NH

How Does Zoom-Bombing Work?

As the software gathers more and more users, hackers are more inclined to target it – looking for vulnerabilities to exploit the program. Zoom-bombing typically results from a lack of proper protocols, settings, and features in place to prevent unauthorized individuals from accessing your meetings. Fortunately, it’s entirely possible to safeguard against this threat and keep your meetings private. Here’s how:

Generate a Unique ID for Calls

Zoom assigns a personal meeting ID (PMI) for individuals after they’ve created an account. This is perfect for those who are setting up regularly recurring meetings with their teams. It’s a simple numeric code that can be passed around to team members, then every week, they simply enter the same code.

We recommend opting to generate a unique code instead of using your PMI for meetings. Why? Because once your PMI is out there, it’s easy to find and exploit. A one-time unique code is a much safer option. Simply choose “generate automatically” when you’re setting up a meeting in the options section.

Use a Waiting Room

Sure, it’s great to allow for a bit of socialization before the start of a meeting, especially during this difficult time. Many professionals are tempted to allow their team members to jump on the meeting beforehand and chit-chat. Unfortunately, this means anyone can jump on, as long as they have the simple numeric code to get in.

Instead, use a waiting room. This essentially means participants can’t join the meeting until the host is signed in and on the call. When participants join, they’re left in the waiting room until you go through each attendee one at a time and allow them to jump on. You can still allow for a bit of socialization while you gather your notes, but it’s safer than the alternative.

Require a Password to Join

If you’re hosting a meeting, especially a large one with multiple attendees, it’s always best to require a password to join. This is particularly helpful for those hosting any sort of training and/or webinars via the software. Simply schedule a meeting the way you normally would, but check the box that says “require meeting password.”

In this case, a numeric password will be generated for everyone to use. Keep in mind, you’re only able to require a password if you’ve generated a unique ID for the call, not if you’ve opted to use your PMI.

Keep Screen Sharing for Hosts Only

One of the most significant issues with zoom-bombing is the fact that many hackers use it maliciously to display inappropriate content during a meeting. This is done via the screen sharing option. You can keep screen sharing for hosts only via the web portal settings. Simply go to personal, then settings, then in meeting and choose the option “only the host can share.”

If you’re already in a meeting, go to advanced sharing options and choose the option “only the host can share” to enable this feature. This will help keep your meeting on track and can be turned off if a participant needs to share something.

Be Ready to Kick Out/Hold Participants

Whether an individual is maliciously wreaking havoc during your meeting or they’re accidentally distracting other viewers with children, music, etc. in the room, you’re able to kick out or hold participants as needed. Simply go to the pane on the right with all of the participants and hover over the name of the person. You can choose to kick them out (remote) or mute/hold them as needed.

If it’s simply a matter of an accidental distraction or technical issues occurring, it’s likely best to turn off their camera instead. You can simply click the video camera icon next to their name to do this.

Disable the Private Chat Feature

If you’re hosting an important meeting with multiple participants and you want everyone to pay attention, it’s best to disable the private chat feature to discourage any sort of personal messaging between participants while minimizing the risk of hackers doing any damage. If you disable the private chat, the public chat will still be available.

Simply go to the web application and visit the personal settings on the left side of the screen. Go to the “in meeting” section and scroll until you see the private chat option, then click the button to disable it.

Questions? Get in Touch with Acapella Technologies at (603) 647-1784 Anytime.

Like this article? Keep reading…

Can You Maintain Business Continuity While Your Staff Is Quarantined At Home?

Are Your Business Communications Going Extinct?

Who Can Protect Your New England Business From Phishing?