Steps for a more secure Zoom Video Chat

Updated on 17th April 2020
By research-team

Amid the COVID-19 pandemic, companies have resorted to virtual meetings as a new normal to keep businesses moving, and schools and colleges have likewise turned to virtual classes. This surge resulted in 200 million connections to Zoom every day in the month of March 2020, while in the same month last year, engagement stood at an average of 10 million connections per day. This colossal increase in adoption has made Zoom a sweet spot for hackers. In the recent attacks, termed ZoomBombing, hackers disrupt ongoing Zoom meetings in ways such as:

  • Uninvited guests join the meeting and not only gain access to the screenshots and ongoing presentations, but also start showing unsolicited content.
  • They disturb the meeting with unusual noise, comments or inputs, or even drop malware, pornographic material, etc.
  • They create chaos so that the host is forced to end the meeting.

The attackers either steal or distribute Zoom meeting IDs/links to bring uninvited guests into the meeting rooms and disrupt them. The stolen meeting IDs/links, along with the meeting passwords, are distributed through forums such as Twitter, Reddit, Discord, etc. Our researchers have highlighted another pattern, in which invited students act in connivance with the hackers to cause disruptions to their own classes. The Ministry of Home Affairs, Govt. of India, issued an advisory in this context on 16 April 2020, and we request you to have a look at the suggested measures.

Besides this, our cybersecurity research team recommends the following best practices to mitigate the risk:

  • Strengthen the passwords for the Zoom host accounts, or preferably use your Google or Facebook authenticated session to log in to Zoom (Zoom supports federated identification from Google Mail, FB, etc.). Multi-factor authentication provided through the Google Mail login may offer additional security for the host of the meetings.
  • Make sure the latest security patches are applied to the Zoom client apps installed on the host's and attendees' devices.
  • Utilize the available security configurations/settings, some of which the host can apply prior to a session, such as preventing people from joining a call before the host, enabling a co-host, disabling file transfers to avoid sharing viruses, and preventing anyone from joining or rejoining a call once it has started.
  • Avoid recording Zoom sessions unless absolutely essential. If a session is recorded, use custom names for the recorded files instead of the default names.
  • An installed and updated antivirus on the host's and attendees' devices will help protect against any malicious code or harmful web link dropped by hackers in a compromised Zoom session.
  • If the attendees are children, we suggest additionally enabling the Parental Control feature of the updated antivirus. This will protect against pornographic links launched in a compromised Zoom session.
  • Set control and access permissions so that attendees are allowed only their minimum required activities. In school and university classes over Zoom, attendees seldom need to share their screens, so the strict setting that only the host can share the screen should be configured.
  • Where privacy requirements are high, prefer client-to-site VPN sessions instead of Zoom.
  • Use very strong passwords on Wi-Fi or broadband routers to prevent hackers from taking over the broadband device (at the site of the host or any attendee) through a compromised Zoom session.
  • Keep your Webcam off, if not required. Also, make sure to turn it off after the meeting is over.
  • In the role of a host or presenter, be aware of who is accessing the shared content, watch for unwanted attendees, and keep in mind that unwanted attendees may share malicious or phishing content, files or links.
  • Avoid keeping your meetings open to anyone, and make sure that attendees follow the security practices before as well as during the meeting.
  • Follow the security best-practice policy laid down by your organization for endpoint and network security. You may have come across such policies during staff training on security awareness.
  • As the MHA, Govt. of India, has placed the Zoom app in the risky apps category, we request you to learn more about it at the following link: http://164.100.117.97/WriteReadData/userfiles/comprehensive-advisory-Zoom-%20meeting%20platfom-20200412-(2).pdf

Additional references associated with Zoom Security issues that have been reported recently are:

For Latest Updates/Patches on Zoom, visit:

 

For any additional queries or cybersecurity concerns, you may reach out to our Purple Team at [email protected]

 

PurpleSyanpz® – A Cyber Security Research and Training Lab, is a proud venture of QOS Technology, an award-winning company and one of the leading cybersecurity consultants in Asia. For any business inquiry, you can reach out to their team at [email protected]
