Web Analytics

Cybersecurity Expert: How To Protect Yourself From ‘Zoombombers’

“Zoombombers”, a term used to describe someone who hacks into an online group, are exploiting the coronavirus social distancing directives by infiltrating a growing number of online meetings with hateful messages.

A group of Yeshiva University students, a Jewish institution in New York, were “Zoombombed” on Tuesday night by individuals who posted antisemitic comments in their group that included, “SHUT THE F*** UP JEWS” and “IMMA GAS YALL.”

Zoom-Bombing.png

“We are horrified to see this new trend ‘Zoombombing’ gaining traction; for antisemites to disrupt online learning sessions, city meetings, even funerals with their bigotry is shameful. Would the police tolerate a neo-Nazi running into a classroom at Yeshiva University screaming ‘Heil Hitler’? Of course not; the individual would most likely be arrested and charged,” StopAntisemitism.org’s Liora Rez said in a statement to SaraACarter.com.

“We would like to have the authorities treat those participating in ‘Zoombombing’ the same way,” Rez added. “Real consequences are the only way to combat antisemitism and hatred online.”

zoom.png

In a similar attack, hijackers recently infiltrated a London synagogue’s Zoom session with antisemitic messages after the group shared the meeting link on public accounts to ensure the community could join, including many families and children.

“One of the founding ideals of our community is that we should welcome those who wish to join us for prayer, ” the synagogue’s rabbi said in a statement. “We recognize that many Jewish households are not members of synagogues, or are members of communities that are not able to offer online services. We want to assure them that they are still welcome to pray and study with us.

He continued, “It is deeply upsetting that at such a difficult period we are faced with additional challenges like these. We will be keeping the security of our online provision under review through the weeks ahead.”

Last month, a “Zoombomber” entered a city council meeting in New Canaan, Connecticut to post “references to male genitalia,” according to a report from the New Canaan Advertiser. The town Council Chairman John Engel muted the hackers but they kept “popping up with new names,” he told the new site.

With Zoom being one of the only ways to meet during the coronavirus pandemic, many are questioning how to stay safe in the online chat rooms. Dr. Eric Cole, a cybersecurity expert, former CIA analyst and Founder and CEO of Secure Anchor Consulting, told this reporter that reports of “Zoombombing” that were once a “one-off” event have “increased exponentially” during the coronavirus outbreak.

“The corona and everybody working from home and doing virtual meetings took these small, little problems that we knew about and basically just shined a really big light on it,” he said.

Here’s Dr. Cole’s advice for staying safe on Zoom

For churches, synagogues, and other gatherings advertising Zoom links publicly, Cole recommends for group administrators to put participants in “listen only mode”, meaning users can’t post, appear on video, or turn on their microphone.

“Even if people join in, they can’t post anything, they can’t say anything, they can’t do anything, they can only listen and receive content.” said Cole, “That’s probably one of the easiest, simplest mechanisms that’s built into Zoom, but, like I said, because so many people are looking at the functionality, they’re just not aware of how to configure it correctly.”

If you’re a community leader setting up a Zoom session, there are three configurations that you can control to prevent “Zoombombers,” Cole explained. The first is “whether people are on mute or not, you can override their settings so you can actually lock people on mute.”

The second way is to “lock out video so they can’t turn on their video”, and, finally, administrators can block posts and comments to stop participants “from posting any comments, any pictures, or any content at all during the call.”

For small groups, which would be around ten people, Cole advises leaders to “set a password on the meeting and then only give that out to those attendees.” Even if someone had the link to the group, not having the password would prevent an outsider from entering the session.

Notably, there is a feature called “locking a meeting” that completely closes the meeting completely to anyone, regardless of if they have a link or password.

When using Zoom, Cole added, users should assume that “by default” it’s not secure, but there are mechanisms that you can implement in less than five minutes to increase security and prevent a “Zoombombing.”