FBI Warns of Teleconferencing and Online Classroom Hijacking

The FBI have a good summary of keeping your WFH sessions reasonably secure. Note that there’s nothing about platforms (*cough* Zoom) sharing your details with Facebook (which they have now ‘fixed’). As always with software, make sure everything is as up to date as it can be and RTFM…:

If you are among the many people turning to video-teleconferencing (VTC) to stay connected during the COVID-19 pandemic, you need to protect yourself from “Zoom-bombing” – the entrance of uninvited individuals into your VTC.  The FBI has received multiple reports of conferences being disrupted by offensive images and/or threatening language.

The FBI recommends the following steps to mitigate VTC hijacking threats:

  • Do not make meetings or classrooms public:
    • In Zoom, there are two options to make a meeting private:
      • require a meeting password; or
      • use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post:
    • Provide the link directly to specific people.
  • Manage screen-sharing options:
    • In Zoom, change “screen-sharing” to “Host Only.”
  • Use the updated version of remote access/meeting applications:
    • In January 2020, Zoom updated its software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
    • You should look for further updates to address this threat.


Read the original article here