As a growing number of Americans turn to video chat programs, like Zoom, amid COVID-19 shelter in place orders, more instances of so-called “Zoom-bombing," where someone enters the chat without permission, are being reported.
“Unfortunately, in some cases, what has occurred is educators and other people have put that (Zoom) link on social media,” cyber security expert Alain Espinosa said.
Espinosa, who is director of security operations for Online Business Systems, said many people were either not aware they could, or don’t take the necessary steps, to secure their meeting.
“And in the middle of the meeting, what has occurred, is they (a hacker) will come on and yell profanities, for example,” Espinosa said.
Full coverage of the COVID-19 outbreak and how it impacts you
Collin College cyber security professor Mike Saylor is among those who has experienced “Zoom bombing” firsthand. Last week, an unidentified person named only “Russian” attempted to enter his online lecture multiple times, with their intent a mystery.
“Intent is a big deal in cyber and I think the most concerning thing for me is that it said Russian,” Saylor said.
Fortunately, Saylor had set up a "waiting room," which means he had to give anyone entering permission. Espinosa recommended people take the following three steps to reduce their chances of being “Zoom bombed.”
- Set up a password for your Zoom ID and don’t overshare the link to the meeting.
- Set up a waiting room option and monitor who you let in.
- Lock your meeting once everyone has joined.