With many people working from home during the lockdown, video-conferencing software Zoom has become a popular platform for online meetings. However, the act of Zoombombing – when intruders interrupt meetings – has become a concern.
A government web conference hosted on Zoom by South Africa’s Department of Women, Youth, and Persons with Disabilities was hijacked on April 15, and pornographic images were displayed to the 100 participants present, TimesLive reported.
Adrienne Harris, CEO of Harvest Group Management, told Tourism Update: “With lockdown, there are a lot of very, very bored people out there who think it’s funny to do these things.
“This isn’t unique to Zoom, but because it is a start-up and up-scaled so quickly, it just didn’t have the resources, and its security didn’t quite keep track of risks,” Harris said.
All that is needed to ‘Zoombomb’ is an invitation. “If they hack into somebody’s email, or if the invitation was on a platform like Facebook, they could go in and post porn or rude comments and mess around,” she said.
It also posed a risk with malicious hackers, said Harris. “Once they’re in, they can plant things on to your computer. For example, somebody might pose as a genuine delegate, and they’re setting up a document for you to download. And that could have malware in it.
“In the travel industry, people are storing credit cards, private details, passport numbers, etc. That is very valuable information to criminals.”
Harris said it was a two-way risk, and both the meeting organiser and the attendee needed to protect themselves. “From the meeting convenors’ side, they will set up a meeting, put in everybody’s emails, and send a link. But they can set it up in such a way that they will still have to approve who comes in to the meeting. From attendees’ point of view, they still need to protect themselves so that their computers aren’t infected with malware or a virus. Because, if they aren’t protected, someone can intercept their email,” she said.
“If the organiser receives a request from someone they invited who has been hacked, it will allow an intruder to log on,” she added. “Whatever communication platform you’re using, make sure to understand it, and only approve certain people.”
Finally, she warns of fake invitations. “I can make a link that looks like a Zoom invitation but it actually contains a virus. If you get an unusual invitation to a Zoom meeting, contact the organiser to confirm if it is legitimate.”