Late last week, Dallas ISD was the victim of a Zoom attack known as a "Zoom-bombing."
According to the district, a Dallas ISD Zoom meeting with parents and seniors was hacked and graphic images were briefly displayed in the meeting.
The meeting with Yvonne A. Ewell Townville Center students and staff was quickly stopped and restarted without further incident, the district said. Dallas ISD did not say how many people were in the virtual meeting.
"It's unfortunate the digital platform that many of us rely on to connect students with teachers each day has been compromised through various 'Zoom-bombings,' " the district said in a written response. "We apologize for the graphic images some of our students and families may have seen."
“Zoom-bombing is when someone joins your meeting with the intention of disrupting it in some chaotic way,” Cyber Security Specialist Maya Levin with Check Point Software explained. “I’ve seen everything from racial slurs to posting very inappropriate videos.”
“Usually with hackers there is some sort of financial incentive or motive for their attacks, but that’s not the case with these zoom bombing attacks,” Levine added. “It seems that the motive is just purely to cause chaos or to mess with people.”
From school and work to family meetings, Zoom and such platforms are growing in popularity out of necessity during the COVID-19 pandemic.
Local
The latest news from around North Texas.
“When it comes to meetings that are intended to be public, you post them on social media or on other kinds of sites and that’s how people can find out about them,” Levine said. “They simply just have to search zoom.us on Facebook and whatever meetings that have been publicly posted will show up.”
“If you are hosting what is intended to be a private meeting – never post it on social media,” Levine said. “Send out specific invites to the e-mails of the attendees you want to join and set it up so that only those people are allowed to join.”
For smaller gatherings, it is also recommended to use the Waiting Room function. You have to allow people to actually enter the meeting room from the Waiting Room.
“If you have hundreds of people joining a meeting, you can’t manually accept each one. So, what I would recommend if you are having a meeting with 50 or more attendees or is intended to be public and needs to be posted somewhere online – use what is called a Webinar instead of a meeting feature on Zoom,” Levine said. “That makes it so that there are a few panelists who are the ones that can present and speak and anyone else who joins is an attendee. They can’t unmute their microphone. They can’t share their scene.”
Experts say to also be careful with links dropped in the chat box. Those links can be more traditional and lead to a malicious site to collect personal information or infect your computer.
“If you are using your own personal Zoom account, always click on ‘create a new meeting’ instead of using your own personal meeting ID,” Levine said. “Every Zoom user will have a personal meeting ID. It’s like a permanent virtual meeting room and the reason why this is more dangerous is because it doesn’t change, so if for some reason an attacker or someone with malicious intent got a hold of your Zoom meeting ID and is constantly using it, it really increases your chances of being Zoom bombed.”
