By Chand Bellur
April 7, 2020 at 7:20 p.m. PDT
- The novel coronavirus pandemic forces billions to telecommute to prevent spreading the disease.
- Digital conferencing provider, Zoom, allowed some user groups to forgo security measures in virtual conferences.
- Zoom teleconferences, hijacked by rogue political groups and other miscreants, were subjected to intrusive attacks.
- Pledging to enhance security, Zoom now defaults to higher security levels.
Zoom Hijacked During Critical Moment
Founded by former Cisco engineer, Eric Yuan, in 2011, Zoom Video Communications provides global teleconferencing services. Its base package features 40 minutes of teleconference time for up to 100 users. Business customers can pay for up to 1000 simultaneous clients, among other advanced features.
Zoom recently underwent a test and failed. Amid the novel coronavirus pandemic, an epidemic of “Zoombombing” undermined the teleconferencing provider’s security and reliability. Hijacking Zoom video conferences became a global phenomenon, because the company imposed few security restrictions on users.
A “Zoombombing” attack involves crashing a teleconference. Since many teleconference sessions had no security in place, malicious actors could sign in and harass participants. For example, an online class could be interrupted with inappropriate adult content.
Now, more than ever, people rely on remote communication tools to collaborate. With stay-at-home orders in most of the world, workers must be productive without being in the same location.
Zoom Enforces Passwords and Other Security Measures
Educational institutions and businesses began switching to other teleconferencing solutions, amid concerns over Zoombombing. Action was a necessity, if Zoom intended to retain customers.
Fortunately for Zoom, the solution was simple. So simple, it’s hard to believe the company allowed unfettered access to their teleconferencing system in the first place.
The company finally forced password protection on all teleconferences. Zoom now requires passwords for scheduling, instant meetings and phone participants. New security measures, imposed on corporate customers, are also part of Zoom’s new strategy. For more information, please visit Zoom’s customer service website.
One would think these security features would be immutable, or at least active by default. Unfortunately, Zoom just wanted to make the product easy to use. They ended up making it convenient for malicious users to hijack in the process.
Alternatives to Zoom
Given that Zoom is a target for hackers, new security measures might not be enough. More sophisticated malicious actors may be able to defeat password authentication. Ideally, a teleconferencing system should verify a person’s true identity.
Apple and Google offer excellent teleconferencing systems. Apple’s FaceTime now allows up to 32 people to attend a meeting. Google Hangouts allow up to 150 participants; however, only 25 can communicate. Given the rather small participation limit, it’s no wonder Zoom has become so popular.
GoToMeeting is an excellent option for corporate users. The platform allows up to 3,000 participants in a meeting, exceeding Zoom’s capacity.
There are multiple teleconferencing systems out there. Make sure to search the web to find one that best fits your organization’s needs.