Zoombombing: Three Lessons for Homes Users and Why This is Important

If you have been using Zoom to handle your work-from-home team calls, you’ve probably already heard of Zoombombing. This is the modus operandi: internet trolls jump uninvited into public Zoom calls. They then use the video conferencing platform’s screen-sharing feature to broadcast graphic content like pornography to the video call’s attendees. The purpose of these ‘screen shares’ is to disrupt calls, troll participants in a Zoom meeting, and harass them.

If you’ve had a meeting Zoombombed, you know that it’s not a great feeling. Imagine your team brainstorming the efficacy of a marketing plan you have just implemented. And suddenly, pornographic content appears on the screen. All that focus and concentration goes out of window, and you must stop the call.

So, how did this happen?

A default setting in Zoom allowed meeting participants to share their screen when they want, without asking for permission from the meeting’s host. Also, anyone with a link to a public meeting could join the meeting, no questions asked. These links are traded in various Facebook groups,  Discord chats, social media platforms, and more.

It’s important to note that it’s not just adults who were susceptible to Zoombombing. Kids were also at risk. Zoom is being leveraged by teachers to conduct online classes, which is a new normal in the times of coronavirus.

Zoom delivered a solution quickly

To be fair, Zoom quickly realized they had a serious problem on their hands. They pushed out a few security updates quickly. One made passwords a pre-requisite for all meetings. This meant that even if hackers get their hands on a meeting ID, they could not access a meeting. Video chat gate crashers can now be stopped at the “gate” by the host with a feature called Waiting Rooms. While this feature was already available to users, many were either not aware of it or were not using it. Now, this feature is turned on by default and the host must allow attendees to join the meeting.  Also, henceforth, only the host has screen sharing privileges by default, and the host must allow participants to share their screens. This setting can be changed to allow all participants to share their screens but defaults to the more secure option. A recent feature released by Zoom allows account owners and admins to disable personal meeting IDs (PMIs), which further makes Zoombombing difficult.  

What did we learn from Zoombombing?

1. Be aware of the threats going around

Cybercriminals are always on the lookout for scenarios tailor-made for them to attack software. As more people started working from home and students started learning remotely, Zoom became the video conferencing tool of choice because of the convenience it offered. Cybercriminals made use of this opportunity to start Zoombombing with gusto.

Zoom stepped up with a series of security measures, but it is important that Zoom users are aware of these measures. Zoom users need to be aware of Zoombombing and how Zoom went about solving this issue. Otherwise, you are setting yourself up for more such attacks. Zoom should also be used as an example. Tomorrow, another platform/software can come under fire from cybercriminals. It is your awareness that will help you address these challenges.

2. The most irritating cyber threats can turn dangerous

Even the best software can be exploited by cybercriminals. In the case of Zoom, the purpose was harassment and embarrassment to meeting attendees. However, there is a very good chance that cybercriminals can exploit your need for Zoom by launching a phishing attack. Imagine you have been Zoombombed. The very next day you receive an email. It says in order to secure your Zoom meeting, you must download a particular attachment. The email is entirely convincing. Coupled with your worry, you might download the attachment – which is likely malware.

So, the cybercriminals in this case used Zoombombing to create a sense of frustration (and your need for a quick solution). They followed it up with a phishing email that leveraged this frustration.

3. Keep updating your software

This is of paramount importance, especially when you are working from home and your kids are studying remotely. If a software patch is available, you must patch. Some of these patches will be security patches that plug a security hole in the software. If you don’t patch, this hole is left open for a cybercriminal to exploit at leisure.  It’s important to select automatic updates for a software so that you don’t miss out on an update. However, if you have chosen to manually download updates for various reasons, it is important to keep checking for the latest patches/updates available for the software.

Install a cybersecurity solution   

Learning from the various prevalent cyber threats is important. But it is doubly important to act on these lessons. Deploy a cybersecurity solution with strong antivirus protection that uses advanced technology to protect your PCs and Macs from both known and unknown threats. It must use predictive and intuitive AI with deep learning to evaluate files before they execute and stop threats before they can wreak havoc.