CyberHoot’s mission is to help people become more aware and therefore more secure. This week’s blog is about securing Zoom meetings and why you would need to do so. When you don’t secure your meetings, bad things happen like porn being broadcast in a court hearing.
Background:
In July 2020, hundreds of high-profile twitter accounts were hacked including Elon Musk, Kanye West, Barack Obama, Bill Gates, and many others. All accounts posted identical messages asking for bitcoin donations promising to double it and return the profits to the sender. Twitter came out and made a statement the next day stating the incident appeared to be
“a coordinated social engineering attack by someone who successfully targeted some of our employees with access to internal systems and tools.”
One has to wonder if Twitter should be using CyberHoot to train employees how to spot and avoid social engineering attacks?
The FBI quickly caught the perpetrator, a 17-year old named Graham Clark. During his virtual court hearing, hackers Zoom Bombed the proceedings, streaming pornography into the Zoom meeting. Court officials, with troubled looks on their faces, cancelled the proceeding.
How Did This Happen?
By law, notice of this court hearing must be posted on the Florida State Attorney’s Office website. However, officials seemed unable to properly secure the meeting. Within the Zoom meeting, few customary precautions were taken: all users were able to unmute their microphones and stream their own video! This lack of security made it easy for a “zoom bombing” to occur. Within a minute of the hearing’s start, hacker(s) interrupted a discussion between Clark’s attorney and the judge by streaming a live video of himself adjusting his face mask. Just a few minutes later, someone began interjecting loud music. Judge Christopher C. Nash was personally in charge of administering the video hearing when, after roughly 15 seconds worth of random chatter interrupted the prosecution’s response, Nash told participants he was removing the troublemakers as quickly as he could. What happened a minute later was almost inevitable given the security settings of this particular Zoom conference call; someone streamed a graphic video clip from PornHub for approximately 15 seconds before Judge Nash abruptly terminated the broadcast.
Secure Your Meetings
Zoom gets a bad reputation from such events, however, it’s important to realize any web conference can and will be attacked. Hosts must secure their meetings appropriately and they must learn and practice how to remove disruptive participants from their meetings. Zoom has all the security tools in place today to prevent these events from occurring or to deal with a participant quickly and effectively. Here are a few tips and suggestions of things you can do to stay secure while video conferencing:
- If you are the host of the meeting, make the meeting private, requiring a password or private link to join the conference call
- When the meeting is made private, control access to the meeting by enabling the “waiting room” feature so you can manually let authorized people into the meeting; you will see a message stating, “Bob Johnson would like to join the meeting” and can add them to the proceedings.
- Do a roll call and keep track of the number of participants supposed to be in the meeting. If you invited 8 users and there are 10 in the meeting, you must learn the identity of the two (2) additional participants
- Don’t share the meeting ID, password, or meeting link on a public platform, such as your website or related social media site
- Once every authorized user has joined the meeting, lock the meeting so nobody else can join
- Only allow the Conference Host to have control of screen sharing
- Disable file-sharing so people aren’t flooded with content
- Disable use of the Whiteboard by Participants
Specific Zoom Settings to Examine
The following are recommended settings for hardening your Zoom Meetings:
- Participant video off on join
- Join before host off
- Require a password when scheduling new meetings on
- Require password for participants joining by phone on
- Mute participants upon entry on
- Chat on (group chat)
- Private Chat off
- Co-host on
- Allow host to put attendee on hold on
- Allow removed participants to rejoin off
- Waiting room on
Always take proper precautions when setting up virtual meetings, especially those that require private, uninterrupted conversations. It’s always good to stay on top of emerging threats like these. Stay ahead of the curve by educating your staff and improve cybersecurity awareness by working with CyberHoot!