Practical Techie: FBI warns of weird videoconferencing hack
Cyber criminals have no limits to their evil and no lack of creativity, either. A year after the onslaught of the COVID-19 pandemic a weird, malicious form of cyber kidnappings is occurring in the unlikeliest of venues: the virtual classroom.
The bad guys call their villainy “zoom-bombing.”
A recent announcement by the FBI alerted unsuspecting internet users to be watchful against the hack when teleconferencing, especially when doing classroom work.
“As large numbers of people turn to video-teleconferencing (VTC) and its platforms to stay connected in the wake of the COVID-19 crisis, virtual hijackings are emerging nationwide. The FBI has received multiple reports of conferences being disrupted by pornographic, hate images and threatening language,” said the press release.
For example, according to the FBI, within the agency’s Boston jurisdiction, which includes Maine, Massachusetts, New Hampshire, and Rhode Island, two schools reported similar hacking incidents.
CASES — In one incident late March 2020, a Massachusetts-based high school reported that while a teacher was conducting an online class using the teleconferencing software Zoom, an unidentified individual dialed into the classroom. This individual yelled a profanity and then shouted the teacher’s home address in the middle of instruction.
In another case, a Massachusetts-based school reported a Zoom meeting being accessed by another hacker. In this case, the masked cybercriminal showed himself briefly on the video camera and displayed swastika tattoos. Both cases occurred on the same platform.
CAUTION — The FBI noted that as videoconferencing users continue the transition to online lessons and meetings, users should be exercising due diligence and caution. This includes redoubling online security efforts.
Cybernauts mitigate teleconference hijackings by not making meetings or classrooms public. In Zoom, there are at least two options to make a meeting private. One is to require a meeting password or use the waiting room feature and control the admittance of guests.
Also, never share a link to a teleconference or classroom on an unrestricted publicly available social media post. Instead, provide the link directly to specific people. Additionally, teleconferencers should also manage screen-sharing options, as in “Host Only” within the Zoom platform.
OVERHAUL — In January 2020, Zoom updated its software for stronger security. It now requires added passwords by default for meetings and disabled random scans for meetings to join. The FBI thus advises that users should use only updated versions of the platform, especially its remote access meeting options and to setup a secure telework policy.
The agency gave this address: ic3.gov to report any such teleconference hijackings, or any cyber-crime. It’s the page for the FBI’s Internet Crime Complaint Center.
GUIDES — Remote teaching involves several critical aspects that can be detrimental to the school community. Since virtual classrooms are the main instruments for educational activities during the pandemic year, educators must guard against security threats to the online platforms they use, the experts advise.
While many cases of Zoom bombing are all about run-of-the-mill pranksters, some are serious enough to compromise teacher and student psychological sense of privacy. They usually contain racist, homophobic or misogynist content. It is noted that many of the prank hacks are directed towards female teachers.
Inadequate safeguards can cause the misuse and manipulation of public information and the exposure of students and teachers’ personal data. This website offers interesting options.
Diligently, most teleconference platforms have now prepared guides that illustrate how to protect virtual classroom security and privacy.