I am sure by now you have heard news reports of malicious actors targeting and disrupting online meetings. The use of meeting and collaboration platforms has exploded with the increased number of individuals working from home due to the COVID-19 pandemic. This fact has not gone unnoticed by malicious actors and they are exploiting any vulnerabilities in these technology platforms.
The FBI has issued a warning regarding Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic with some details and recommendations. The Zoom Meetings application has been heavily targeted. This has led these teleconferencing hijacking attacks to be called “Zoom-bombing”. To make matters worse, this week, Bleeping Computer reported researchers at the cybersecurity firm Cyble found 500,000 Zoom credentials for free or for sale on the dark web for less than a cent each.
If you use Zoom for meetings and collaborations, there are ways to protect your organization and your meetings from disruption. Below are some best practices to help keep your meetings secure:
- Make sure your meeting software is up to date. If you receive an alert while starting your meeting to update the client, please allow it to perform this task.
- Always use passwords in your meetings, especially on recurring meetings.
- Ideally, do not share pictures of your meetings on social media, but if you do, make sure you do not display the meeting ID or the participants names/phones.
- Get familiar with the software sharing options and advanced settings. Limiting who can share content, muting participants on entry, preventing users from joining before the host arrives, etc. can go a long way protecting your meeting.
- Lock your meetings once all required participants have joined.
- Stay in control of your meeting! As the organizer you can dismiss, mute, or restrict participants as needed.
- Test, test, test! – You can always schedule a test meeting for yourself or invite some of your coworkers to test these capabilities prior to hosting meetings with external users.
It is everyone’s responsibility to protect your corporate environment when you are working from home or hosting meetings.