June 2020

Staying Safe on Zoom


Most teachers are relying on video conferencing platforms to instruct their students since COVID-19 has forced schools to go virtual.

When used correctly, these platforms can be the next best thing to being there in person. Teachers can share slides and interact with their students through voice and text dialogue.

But like everything in existence, it only takes a few bad apples to ruin the experience for the rest of us.
Instances of “Zoom-bombing” have risen dramatically over the past few months. The term, named after the popular Zoom video conferencing platform, refers to when an uninvited user logs into a public meeting and displays inappropriate images, often criminal in nature.
Such cybercriminals have been letting themselves in to meetings around the world, especially virtual classrooms. And it’s no different in Santa Cruz, one of the worst of which was when someone played child pornography during a Gilroy Town Hall meeting of more than 100 people, including the Chief of Police.

Another took place at a Contra Costa meeting about Sexual Assault on April 30, Only minutes into the meeting, an unidentified person shared what many attendees describe as extremely graphic child pornography.

Fifteen reports of Zoom-bombing were filed during the first few weeks of UC Santa Cruz’s spring quarter, according to City on a Hill Press. Local parents have also taken to social media to describe their children’s classrooms being hacked.

While such a “bombing” instance can happen on any platform, Zoom received the dubious distinction of being associated with the crime thanks to its sharp rise in popularity. According to the San Jose-based company, Zoom’s average of 10 million daily participants in December 2019 skyrocketed to 200 million by March 2020.

How can teachers and the general public protect themselves from the intrusion?
In late March, Zoom released guidelines on how users could prevent “uninvited guests” from posting inappropriate content in their meetings. The FBI, which is the lead agency investigating the crimes, also released the following steps to mitigate teleconference hijacking threats:

  • Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
    Manage screensharing options. In Zoom, change screensharing to “Host Only.”
  • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
  • Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

Zoom, which was founded in 2011, announced a number of new safety features for the program on April 22 as part of its “90-day plan” to increase its security capabilities.

“I am proud to reach this step in our 90-day plan, but this is just the beginning,” Zoom CEO Eric S. Yuan stated in a press release. “We built our business by delivering happiness to our customers. We will earn our customers’ trust and deliver them happiness with our unwavering focus on providing the most secure platform.”
Those who were a victim of a teleconference hijacking, or any cyber-crime for that matter, are asked to report it to the FBI’s Internet Crime Complaint Center at ic3.gov.

Leave a Reply

Your email address will not be published. Required fields are marked *