During lockdown many people are using online video meeting software, such as Zoom, to keep in touch with friends, family and work colleagues.
Over the past week Hertfordshire Constabulary have received reports in Watford and Welwyn Garden City of people crashing private meetings, or ‘Zoombombing’ which is when uninvited attendees break into and disrupt meetings.
There’s been an increase in malicious communication offences, where abusive messages and even offensive video footage has been broadcast into meetings.
Detective Sergeant Marc Willmore from Hertfordshire Constabulary’s Safeguarding Team said: “Many of the online video meeting platforms have security issues that can be exploited by determined hackers. The perpetrators of video-call hijackings are hard to identify and track down, due to the speed of the attacks.”
“For determined trolls, it can be easy to Zoombomb a meeting; they can research online for unprotected meeting links, which are often posted on social media or chat forums.
“There are some easy changes you can make to settings before your meeting begins that will allow you to reduce the likelihood of intrusion by uninvited guests, and generally bolster your privacy overall.”
- Don’t use your Personal Meeting ID for the meeting. Instead, use a per-meeting ID, exclusive to a single meeting. Zoom’s support page offers a video walk-through on how to generate a random meeting ID for extra security.
- Share your meeting ID privately, do not post it to social media such as Twitter or Facebook or open forums where anyone can find the ID using simple searches.
- Create an Invite-Only Meeting (this feature is for paid Zoom accounts only). This means the only people who can join the call are those you invited, and they must sign in using the same email address you used to invite them. It gives you much more assurance that people are who they say they are.
- Enable the “Waiting Room” feature so that you can see who is attempting to join the meeting before allowing them access. When participants log into the call, they see a Waiting Room screen and can’t get into the call until the host lets them in. You can let people in all at once or one at a time, which means if you see names you don’t recognise in the Waiting Room, you don’t have to let them in at all.
- Disable other options, including the ability for others to Join Before Host (it should be disabled by default, but check to be sure). Then disable screen-sharing for non-hosts, and also the remote control function. Finally, disable all file transferring, annotations and the autosave feature for chats.
- Once the meeting begins and everyone is in, lock the meeting to outsiders and assign at least two meeting co-hosts. The co-hosts will be able to help control the situation in case anyone bypasses your efforts and gets into the meeting.
- Sometimes an unruly participant manages to slip through the cracks. As the meeting host, you do have the power to kick someone out of a call or put them on hold. To kick someone out: During the call, go to the Participants pane on the right. Hover over the name of the person you want to boot and when options appear, choose Remove. By default, an ousted guest cannot rejoin.
If you need to report abusive behaviour to Zoom you can do this during a meeting or by email. Zoom’s help centre provides advice on this and other security matters and it is helpful if you document the date of the incident, the meeting ID, the name of the person who has caused offence and a brief summary of the incident.
If you are concerned that an offence has been committed, then report online or call 101.
0 Comments