Skip to main content Skip to online banking log in
  • Careers

Zoombombing Gives Hackers a Seat at the (Conference) Table

April 17, 2020

Currently the most popular Apple and Android app in the world, Zoom video conferencing service has been going through some growing pains lately. Since the start of the coronavirus pandemic and social distancing guidelines, the world is turning to Zoom to stay connected. It’s a great way to communicate via web cams and phone calls, but many users find their online gatherings have uninvited visitors. It’s called Zoombombing, and it’s gotten so prevalent that the FBI is now involved.

Zoom use is surging worldwide, helping keep the planet virtually connected at a time it’s needed most. Business meetings, friends and family gatherings, education, and healthcare–you name it and Zoom is likely behind those connections. Now, Zoom and its users have targets on their backs, not knowing if their private meetings are staying that way or if disturbing imagery will show up on their device. In short, how to know the intent behind the Zoombombing voyeurs?

Zoom reports the popularity of their app has gone through the roof in a very short time. In December of last year, Zoom hosted 10 million users a day, but that number has radically changed since the coronavirus pandemic. In just three months since then, over 200 million users (both paid and free) are now flocking daily to Zoom.

However, Mac users are finding security issues that enable Zoombombers to forcibly join meetings. It includes the ability to activate a user’s camera without permission and of course, to listen-in on the conversation. Over time, Zoom’s iOS version for Macs has been flawed with privacy issues besides web cam takeovers. Until very recently, Zoom users who signed-in via their Facebook account found their device information being sent back to Facebook. It’s not known what Facebook did with the data, but on its website, Zoom says the issue is resolved and its privacy policy has been updated.

So how is Zoom responding? They claim they’re doubling down on security in the future:

“Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively. We are also committed to being transparent throughout this process. We’ve chosen to enable passwords on your meetings and turn on Waiting Rooms by default as additional security enhancements to protect your privacy.”

From Stickley on Security