Zoom meetings and information security: How to protect yourself from cyber attacks and hacking
Defend your post
The current gameplan to combat COVID-19 now means that millions of people around the world are now stuck indoors. What does that mean for the homebound workforce? You might have already got used to it — Zoom meets are the way to go. Now holding 20% of the global market share, Zoom has surpassed its competitors with its accessible and simple interface. But with popularity comes at a price, and for Zoom that comes in the form of cybercriminal hackers.
Zoom has become a staple in many households and organisations, using it to video communicate both personally and professionally. And that didn't go unnoticed by cyberhackers. Coining the term 'Zoombombing', this new horrific trend has seen hackers intruding into private meetings. Omer Dembinsky, manager of cyber research at Check Point, warned users that his team has witnessed a surge in "Zoom" domain registrations especially during the past few weeks.
There's always a way out, or at least a preventive measure to fight off this technical attack. Here's a quick rundown on the top security tips from none other than Asia Pacific's security experts themselves, who hail from leading firms like Check Point, HackerOne, and Synopsys cyber security companies. Intruders won't stand a chance.
Set a strong password
This may seem like a no brainer but when put into practice can save you from a lot of damage. Jonathan Knudsen from Synopsys Software Integrity Group says that in order to ensure your meetings contain the people that you are expecting, use a strong password with letters, numbers and symbols. Basically, make it long — and complex — so much so that even your mother wouldn't be able to guess, let alone a sprawling internet hacker. Stemmed from COVID-19's unleashed wave of cyber-attacks, Zoom's default password setting will also be turned on for previously scheduled meetings. Another exciting breach-proof addition that Zoom has added is the waiting room feature. Just like how it sounds, this feature allows the host to create a virtual waiting room with the liberty of checking people in.
Exercise caution when sharing the meeting information/ID
Now you've got the strong password on lock but what about taking invitation precautions? Check Point Software Technologies reports that in order to be fully protected we must pay attention to how we invite various participants into a call. If you typically click on the "Invite" button and copy the URL or click 'Copy Invite' to send it to your colleagues — you might want to reconsider. Solely based off the fact that the link does not require password entry. So, you guessed it — anyone with the link can enter the call without an ID number or password.
Encrypt recordings and data between participants
We're talking encrypted video, audio, text, files — basically all forms of outgoing content. Synopsys suggests that in order to protect your meeting and data, encrypting is the way to go. Ideally, data should be encrypted by each participant and decrypted when it reaches other participants. That way, if there are any unwarranted listeners tapping in, they will only be able to obtain unintelligible encrypted data. Meeting recordings are also susceptible to a possible security breach so save yourself the trouble and put a password to view the recordings.
Monitor the attendee list
The rising numbers of Zoombombers has seen inappropriate video call interruptions from racist slurs to sexual harassment. Hence, even if you are utilizing secure link-sharing features, it is best to restrict the use of cameras by other participants as much as possible. While you're at it, limit meetings to only people in your organisation. This will help to reduce the risk of seeing anyone or anything unexpectedly. And besides, managing participants during a call is simple and easy to do. As Aaron Zander — head of IT — from HackerOne states: "The last thing you want is an intruder (external or internal) to drop in on sensitive meetings".
Keep up to date
Constantly pressing the ignore update button? This one's for you (and us too). Effective security cannot be achieved without frequent updates. Not only do they address "bugs", but they also prevent security breaches. On top of that, Check Point states that after a security breach has been repaired, you're not in the clear just yet. You actually have to run a software update in order to receive the company's product patches to address the threats. So if you're not open to letting random cyber criminals eavesdrop on your 'strictly confidential' meeting, give your Zoom account the freedom to treat itself to a much-needed update.