#Privacy: FBI warns of Zoom-bombing

As many turn to video-teleconferencing (VTC) amidst the COVID-19 crisis, reports of VTC hijacking have emerged nationwide. 

The US Federal Bureau of Investigation (FBI) has warned the public of VTC hijackers (also known as Zoom-bombing), whereby hijackers join Zoom video conferences for malicious purposes. 

Zoom has seen a massive surge in users since the global pandemic has forced a large amount of people to stay at home and turn to video meetings for social interactions, work and school. 

In turn the FBI “has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” read the warning

According to the warning, two schools in Massachusetts, within the FBI Boston Division’s area of responsibility (AOR) have reported two incidents involving Zoom-bombing.

In late March 2020, a Massachusetts-based high school reported that whilst a teacher was conducting an online class using Zoom, an unknown individual dialed into the conference, yelled profanity and then disclosed the teacher’s home address. 

A second Massachusetts-based school reported a Zoom meeting being accessed by an unknown individual. The hijacker was visible on the video camera and had been displaying swastika tattoos. 

“As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts.”

The FBI has advised users to:

  • Do not make meetings or classrooms public.
  • Do not Zoom conference links on public social media. 
  • Manage screen sharing options. 
  • Ensure users keep their Zoom clients up to date. 
  • Ensure that the organization’s telework policy or guide addresses requirements for physical and information security.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/