FBI: COVID-19 Spurs Increase in Zoom, Video-Conferencing Hijacking
DHS CISA alerts to FBI insights on the rise in hijacking attacks on Zoom and other video-conferencing platforms during the COVID-19 pandemic, sharing tips to defend against hacking attempts.
By - The FBI released insights into ways organizations can defend against video-teleconferencing hijacking attempts, in the wake of a rise in “Zoombombing” attacks on the Zoom VTC platform during the COVID-19 pandemic.
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency alerted to the FBI notice, given the increase in reports of video-teleconferencing hijacking. And as the Office for Civil Rights lifted penalties around telehealth use of these platforms during the pandemic, the guidance can prove useful to healthcare organizations.
The FBI has received multiple reports of hackers disrupting online conferences with threatening language, pornography, and or hate images, as the Zoom platform has seen a record number of user traffic.
The FBI Boston Division shared two school-related incidents: one where an individual hacked into an online high school class and shouted profanity into the teacher’s home. In another incident, an unauthorized user accessed a Zoom meeting and was visible on camera displaying racist symbols.
According to Check Point researchers, hackers began targeting the platform as use has dramatically increased with the pandemic. There have also been a significant number of malicious domains registered in the last month that are tied to Zoom and other video-conferencing platforms.
The Zoom platform itself has come under fire several times this month for a host of privacy-related concerns, including the Zoombombing incidents and for sharing data with Facebook. Sen. Richard Blumenthal, D-Connecticut, launched an inquiry into the platform in light of these attacks.
In response to these reports, Zoom announced that it was halting software development for the next three months to focus on privacy and security concerns, as it’s seen more than 200 million daily meeting participants, both free and paid, during March alone.
To get ahead of these concerns, the FBI provided key recommendations for organizations to defend against these attacks. It’s important to verify that meetings are not made public. Through Zoom, users can either require a meeting password to gain access, or employ the waiting room feature to control the admittance of guests.
Links to these teleconferences should not be made publicly available through social media posts. Rather, the link should be provided to the intended guests. The FBI also reminded organizations to manage screensharing options. In Zoom, that means changing the screensharing settings to “Host Only.”
“Ensure users are using the updated version of remote access/meeting applications,” according to the notice. “In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.”
“Ensure that your organization’s telework policy or guide addresses requirements for physical and information security,” it added.
DHS CISA added that organizations consider security requirements when selecting a vendor for its video-conferencing needs. In healthcare, this should included end-to-end encryption, which is not employed on Zoom’s free versions. Those providers should ensure the vendor they chose offers the security feature.
For providers, WALLIX and Pulse Secure recently provided a sound list of best practice technologies and policies that can shore up telehealth and remote work privacy and security during the Coronavirus crisis. Experian Health also recently shared insights into best practice cybersecurity for remote care and patient portals, which can also reduce these types of vulnerabilities.
