Dodging Zoom Bombs

Dodging Zoom Bombs

On Friday of last week, as reported by WCPO, a Zoom panel led by Mason High School's Black Student Union was Zoom bombed with "hate speech and disturbing images." Zoom bombing occurs when a Zoom (or similar platform's) video conference is disrupted by someone who was not invited to the meeting. These intruders often flood the meeting screens with offensive imagery, videos, sounds, or text. The Zoom panel at Mason High School focused on the experience of Black students in the local area, and, according to a letter sent to parents after the incident, the Zoom bombing contained " 'profanity, gory video images and the N-word.' " Investigation into who perpetrated the Zoom bombing is ongoing.

Zoom bombing first hit headlines back in the early part of the pandemic, when many business first switched to a remote-work model. Sadly, as the above story shows, the phenomenon hasn't ceased. Still, this doesn't mean that firms are helpless in the face of this problem. What are some measures you can take to improve the security of your video conferencing?

Preventing Zoom Bombing

Panda Security, a private IT security firm, published a helpful list and info-graphic back in September, which outline preventative measures anyone can employ to protect themselves from Zoom bombing. Notably, they even have a whole section for teachers.

The first set of advice recommends that large meetings should use randomized meeting IDs. Using a recurring meeting ID makes it much easier for outsiders to get in if they find out the meeting's number designation. By contrast, having a new, randomized ID every meeting can reduce the likelihood that someone will enter uninvited. What's more, every meeting should have a password, and attendees should be instructed not to share the password with outsiders.

The next tips focus on meeting hosts' powers once the conference has begun. Hosts should use the waiting room feature, which allows them to see who's trying to enter a meeting and enables them to grant and deny access at will. In addition, be incredibly cautious when allowing attendees to share their screens or even turn on their video and audio functions. Lastly, locking your meetings once all of your attendees have arrived will prevent stragglers from sneaking in later.

What if you Get Zoom Bombed Anyway?

Unfortunately, preventative measures can only go so far. If you've been Zoom bombed, the most prudent measure would be to try and identify the intruder while the meeting is still going on. This is a trade-off, as it extends the amount of time attendees are exposed to the bombers' content. But if you can identify your intruder, it will be much easier to report the intruder to Zoom for investigation. End the meeting once that's been accomplished.

This may not be feasible for larger meetings, like the panel at Mason High. WCPO reports that the school district asked for help from the Southwest Ohio Computer Association, who "dug through meeting log files. IP addresses of multiple unknown participants in the panel, which the district believe likely were the Zoom bombers, originated from other parts of the United States, and several international addresses were included." If the IP addresses in question can be linked to a person or organization, then the school may be able to find out who perpetrated the attack.

Have you been Zoom bombed? Do you use video conferencing often, and you're anxious about the prospect of someone disturbing or listening in on your conversations? Titan Tech can help you craft security protocols for remote work and can even investigate if you do get Zoom bombed. Contact them today for more information.

And for everything else tech related, stay tuned for more news next week.