Buzz
For individuals using Zoom for remote work, malicious actors exploit program vulnerabilities, causing havoc through a form of attack known as Zoom-bombing. Despite its amusing name, it can disrupt and seriously offend participants in a meeting or online class.
What is the concept of Zoom Bombing? Is it dangerous?
In this article, Mytour will provide readers with information on what Zoom-bombing is, why you don't want to experience it, and how to protect yourself from this attack.
What is Zoom-bombing?
Zoom-bombing or 'Zoom bombing' is the act of infiltrating an insecure Zoom meeting. This can happen if the meeting host fails to establish security measures to prevent Zoom-bombing. In essence, it shares similarities with photo bombing, except Zoom-bombing can cause much more significant harm.
Simply put, Zoom-bombing is when a stranger invades a Zoom meeting or online class to disrupt, harass, shout, and even disseminate objectionable content such as images or videos. There have been instances where students exploit Zoom-bombing to create chaos in online Zoom classes.
Why do others easily engage in Zoom-bombing like that?
Usually, Zoom-bombing occurs when someone publicly shares a link to an insecure Zoom meeting. Zoom-bombing happens due to 2 mistakes.
- The first is the host organizing the meeting without implementing additional protective measures.
- The second is someone exposing the public meeting ID to the world. This could be sharing the link on social media, a member intentionally leaking the ID, or an ID being inadvertently revealed and uncontrollably exposed.
When these 2 mistakes occur, a stranger can find the link, click on it, and brazenly enter the meeting. This opens up opportunities for Zoom-bombers to share links and coordinate large-scale infiltration.
How to Ensure Safety Against Zoom-bombing Attacks?
Recently, UK Prime Minister Boris Johnson tweeted an image of his Zoom conference to announce the first remote meeting. However, in doing so, he also exposed the meeting ID.
Fortunately, Boris set a password and enabled two-factor authentication in the room to prevent others from joining. But consider this: if the meeting lacked these safeguards, anyone could infiltrate a crucial government meeting and document the proceedings. What would be the consequences?
Setting up a meeting to thwart Zoom-bombing is straightforward. Just ensure a few settings are enabled before initiating a new session or using an existing room. Here are 4 steps to help you protect your Zoom meetings and online classes.
1. Set a password for your Zoom meeting
Firstly, ensure your meeting has a secure password. When organizing or initiating a new meeting, look for Require meeting password and check this option. For guidance on setting a password for classes in ZOOM, refer to this link.
2. Initiate a waiting room for your Zoom meeting
While a password will prevent random individuals from disrupting your meeting, it does not guarantee 100% safety. As mentioned earlier, someone you invite may inadvertently share the link and password. To counteract this form of attack, open a waiting room for your meeting. This option is not activated by default, so to create a waiting room for online classes or meetings on Zoom, click the arrow icon next to New Meeting on the main interface > ID > PMI Setting and check the Enable waiting room option to activate this feature.
Now, when someone joins the meeting, they will be placed in a virtual queue and require your approval to enter the room. You can view the queue by clicking on Manage participants at the bottom of the active meeting.
You can admit them if you invite them, or decline if they seem suspicious.
Unfortunately, at the time of writing, there is no way to prevent someone from turning on their webcam. However, if they display inappropriate content through their webcam, you can click on More next to their name on the participant list, and then disable their camera.
3. Preventing others from screen sharing in Zoom
Part of the Zoom bomb attacks involves displaying irritating images. This is achieved by sharing the screen, where attackers broadcast what's happening on their screen instead of their webcam.
To prevent this, click on the upward arrow next to Share Screen while in the meeting and click on Advanced sharing options.
Then, under the Who can share section, click to select Only host.
This will prevent participants from sharing content on their screens, while you as the meeting host can still share content as needed.
4. Locking Your Zoom Meeting
Finally, after everyone has joined the meeting, you can lock the room. To do this, make sure the participant list is complete. Click on Manage participants again, and under the list of participants, click on More > Lock Meeting.
When a meeting is locked, anyone attempting to join will be denied access.
Additionally, it's advisable to update to the latest version of Zoom for better support.
Zoom bombing has become a popular pastime for malicious attackers on the internet, so arming yourself with ways to combat them is essential. Fortunately, there are numerous options you can activate to thwart this menace, from setting strong passwords to enabling the waiting room feature. Don't forget to check out the 6 Zoom Meeting Security Measures you need to know to make your meetings safer.
