Feds warn about hackers during COVID-19
There is the potential for hackers to disrupt videoconference meetings taking place during the stay-at-home orders.
PHILADELPHIA » While living in the era of coronavirus and social distancing, many have turned to videoconferencing to conduct business and to stay in touch with family and friends, but authorities warned such activities come with their own sets of risks.
U. S. Attorney William M. McSwain said there is the potential for hackers to invade and disrupt videoconference meetings taking place as people use videoteleconferencing platforms to conduct online meetings or social gatherings.
“In the weeks following the coronavirus outbreak, videoconferencing platforms have become a part of daily living, used in a variety of ways, from conducting online classes, to hosting extended family gatherings, to holding large corporate meetings,” McSwain said recently.
“Unfortunately, we have also seen an uptick in video hacking, where cyber actors hijack VTC meetings and cause a variety of harms, from showing inappropriate images to making death threats. Hackers beware: this behavior is not funny in any way and will not be tolerated.”
Last month, the FBI and other law enforcement agencies issued warnings to those using popular videoconferencing apps like Zoom, pointing out some users reported hackers or uninvited guests making threats or interjecting racist remarks or pornographic images during the virtual meetings. The attacks are often referred to as “Zoom bombing.”
McSwain said that as individuals continue to engage in online learning and social and business meetings during the pandemic, law enforcement recommends exercising due diligence and caution and encourages users to take the following steps to mitigate videoconferencing threats:
1. Do not make the meetings or classrooms public. Videoconferencing platforms have options under “settings” to make meetings private by requiring participants to enter a meeting password, follow a link to a meeting, or wait in a virtual “waiting room.” These are all features that allow the host to limit public access and control admission of guests.
2. Do not share a meeting link publicly. Do not use publicly accessible social media platforms to share your meeting link with participants. Provide the link directly to specific people.
3. Manage screen-sharing options. Most video-teleconferencing platforms have screen-sharing capability so that participants can see a host’s presentations, a feature often used in online classroom settings. Change the screen-sharing setting to “Host-Only” so that participants cannot share their screens.
4. Download updates. Ensure that users are using the updated version of remote access/meeting applications, as many video-teleconferencing platforms have built in additional security measures in their latest updates.
5. Familiarize yourself with the videoconferencing platform’s capability to remove intruders and lock meetings. Most videoconferencing platforms have ways for hosts to remove participants and prevent them from re-joining and to lock meetings once all participants have joined. Consult with your employer’s IT professionals for more information about the features.
McSwain said those who are victims of a video-teleconference hijacking or any cybercrime can report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov. If you receive a specific threat of harm during a videoconference, please report it at tips. fbi.gov, 1-800-CALL-FBI, or by calling FBI Philadelphia at 215-418-4000.
“In the weeks following the coronavirus outbreak, videoconferencing platforms have become a part of daily living, used in a variety of ways, from conducting online classes, to hosting extended family gatherings, to holding large corporate meetings.” — U.S. Attorney William McSwain