Imagine a press conference taking place via Zoom. With the coronavirus pandemic making social distancing a way of life and lockdowns a reality, this has become the norm in many parts of the world. Everything appears to go smoothly, till the conference is ‘Zoombombed’ and the trolls who have taken over, start drawing content over the presentations.
That’s exactly what happened at a press conference by the Broadcast Audience Research Council (BARC) which took place via Zoom on Thursday. According to a reporter present during the Zoom video call, trolls took over the virtual press conference and they started to draw objectionable content on the presentation screen. They even played music and videos causing the conference to be abruptly stopped. But this is not a new scenario.
Given the app’s meteoric rise in popularity and usage, ‘Zoombombing’ is a new problem plaguing those who rely on the service. While Zoom might have made it easier to log into video meetings with just a simple link, it appears that for trolls, ‘hacking’ into the meetings is also quite easy.
Incidents of racial slurs and pornographic content being posted by these Zoombombers, are being reported from the US. The New York Times reported how a Zoom public chat video by Chipotle in participation with the musician Lauv had to end abruptly after one participant began broadcasting pornography. Zoombombings also appear to be taking place inside online classes, PhD defense sessions, press conferences, and even virtual meditation sessions, according to other reports.
In the US, where most colleges have been shut down and classes moved online, zoombombing is a serious problem. Jessica Jackson, a second-year student at UCLA told Buzzfeed News about how her astronomy class was hijacked and the person kept using racial slurs. She also posted a tweet on Twitter highlighting the incident.
Check out her tweet below:
Idk who the people are that did this during our lecture but you’re incredibly immature and unbelievably disrespectful. pic.twitter.com/ghXIZBV5Jp
— NOT FOR THE SOCIALS🤝 (@j_donatella) March 31, 2020
Twitter user Ceri Weber highlighted in a viral thread, how her PhD defense, which was being done via a Zoom call, was taken over by trolls. She wrote that the trolls had managed to bypass the microphone and re-entry settings, and even muting them did not help. Removing accounts did not help either as new ones would come in, and the trolls also bypassed the waiting room.
Check out her Twitter thread below
— Ceri Weber (@ceri_weber) March 28, 2020
So what exactly is happening with Zoombombing?
The reason it is so easy to do ‘Zoombombing’ can be blamed on the curse of convenience when it comes to Zoom. A host can simply share a link — with or without a password — for a meeting with all participants and they can join by just clicking on the link. The problem is that anyone who gets the link can also join in, and as the zoombombing incidents show, it can be easily misused by trolls.
Even keeping a password might not be helpful because one of the participants could decide to simply leak the password to someone else or might post it online as a prank. This is what appears to be happening in the US with links and passwords to zoom calls are being shared on Facebook Groups, on Twitter, etc.
Express Tech is now on Telegram. Click here to join our channel (@expresstechie) and stay updated with the latest tech news
But the zoombombing incidents also highlight the worst of internet culture where sharing pornographic content, attacking with racial slurs have become so common. Plus, if the host of the meeting does not restrict screen-sharing to themselves, it can give trolls easy access to share and broadcast their own content.
Zoom which was pitched as an enterprise video conferencing tool has seen a massive spurt in its usage, extending to college students, school students, and more.
“The recent incident where hackers posted pornographic content on the user screens of video conferencing app Zoom, shows us how cybercriminals are working overtime to find vulnerabilities. In such a situation, it is vital that communication platforms support end-to-end encryption and multi-factor authentication to avoid such untoward incidents,” Devashish Sharma, CTO at Flock said in a statement. It should be noted that Zoom video calls are not end-to-end encrypted by default, and the company has confirmed this. Sharma also added that the leadership teams at companies need to educate themselves about IT security best practices.
Zoom has also woken up to the problem and written a dedicated blog on how people can keep crashers from entering their video calls. Zoom is recommending that hosts should lock a Zoom Meeting that’s already started, so no new participants can join, even if they have the meeting ID and password. One can do this by clicking on Participants at the bottom of the Zoom window and then clicking the button that says Lock Meeting.
It is also recommending the setting up of two-factor authentication by requiring a password to join, though someone else can always leak the password.
Zoom also has the option for hosts to turn off someone else’s video along with the ability to mute participants, as well as turn off file transfer to ensure that no unsolicited pictures or memes and other content is shared.
What the FBI has to say on the matter
The ‘Zoombombing’ problem has become so serious that in the US, the Federal Bureau of Investigations (FBI) has been forced to step in and issue guidelines on how to keep Zoom meetings secure. In a statement, the FBI also said it is taking note of two separate incidents in two schools in Massachusetts. In the first, an individual joined an online Zoom class and yelled profanities. In the second, a troll joined the class and showed off swastika tattoos.
The FBI has also issued the following recommendations to keep Zoom meetings secure:
Do not make meetings or classrooms public. Zoom gives users the option of making their meeting private, which would require a password to join in. Or the host can use the waiting room feature and control the admittance of guests.
FBI is also advising against sharing links to Zoom calls on any social media post, which is publicly available. It recommends providing direct links to specific people. It also recommends that the screensharing option should be limited to the “Host Only.”
Users need to make sure they have the updated version of Zoom, because in January 2020, Zoom added passwords by default for meetings. It also disabled the ability to randomly scan for meetings to join.
Subscriber Only Stories
Work from Home appears to be the norm for many of us. We at Indian Express tech have some articles which could help make this easier. First, how to optimise your WiFi, which is really important. Read on that here. Next, we explain how to save data on WhatsApp given we might be using a lot more of this. Then we explain how you can balance screen time while doing work from home. Also these video calling apps can be useful when relying on work from home. Don’t let it be all about work, you can rely on these fitness apps to continue that workout during the lockdown. And finally some general tips to keep in mind while working from home.
China reports 35 new imported coronavirus cases, six deaths