Blog

Feb 19, 2021

How Can the Zoombombing Issue be Solved?

IT Services Blog

400244726_online_meeting_hacked_400.jpeg

Conferencing has played a crucial role for businesses, and never more than in the past year. Unfortunately, this has presented the opportunity for trolls to join in these remote collaboration efforts, interrupting them with inflammatory and vulgar content. Labelled “Zoombombing”, these attacks have led to the implementation of numerous privacy protections and countermeasures… but the question remains: how effectively do these protections defend a business’ efforts?

As a study has revealed, not effectively enough.

The Zoombombing Situation

With the remarkable increase in the use of conferencing as of late, it comes as little wonder that cybercriminals and other miscreants have used it to their advantage. With the popularity of Zoom for personal and professional communications particularly increasing, the phenomenon known as Zoombombing—when a Zoom conference is hijacked by an outside party and bombarded with spammy, offensive content—has had a field day.

Adult videos have been shared, while other unwelcome visitors have been content to simply shout vulgar language and derogatory slurs. Some people have Zoombombed meetings to expose themselves to the participants.

In response, Zoom and other software developers have upped the protections surrounding their solutions, with things like password-protected meeting spaces, requiring participants to be welcomed into the meeting space, and recommending that businesses refrain from publicly sharing their meeting times.

A Lot of Zoombombing is Enabled by Insiders

Unfortunately, these efforts are limited in their efficacy by the unfortunate reality that many Zoombombing attacks are enabled by one of the participants working as an insider. By sharing the verified password to the meeting space, one of your users could easily hand out the keys to the castle, and they could share some names so attackers can hide in these waiting rooms.

This is all exacerbated when a meeting has a lot of participants, making these kinds of inconsistencies harder to catch and vetting each participant no longer feasible.

How Can This Be Fixed?

Two words: individual links.

As a disclaimer, not many services have this feature, but one very effective way that this could be remedied is for a conferencing solution to generate a unique access link for each participant. That way, the participant is required to log in, which allows the platform to cross-reference its records and check if that link was sent to the user who used it… as well as helping to identify which user may have leaked their link.

Furthermore, these links would only accept one user to make use of it at a time, meaning that a link in use by your actual user couldn’t also be used by a would-be Zoombomber.

With any luck, more platforms will adopt these options, helping to make conference meetings more secure, and more productive as a result. In the meantime, COMPANYNAME is here to help you with the rest of your security. Give us a call at PHONENUMBER for assistance.

Subscribe

Join our mailing list to get the latest news, offers and updates from Netcotech.

Related Posts

October 24, 2018

Intro to Your Tech: Zero-Day

  • IT Services Blog

While a technology exploit or vulnerability is never a good thing, hearing one described as “zero-day” adds another level of […]

Load More

Is your IT holding you back?

Learn more about our IT consulting services. We’re here to help.