Department of Justice Warns Hackers Amidst Coronavirus Pandemic
Businesses and universities across the country are turning to video-teleconferencing (VTC) platforms to continue their operations during the coronavirus pandemic. As recently announced by the Department of Justice, however, federal investigators at the FBI have recently reported incidents of video hacking or “Zoom-bombing” is on the rise. Hackers are disrupting online meetings and classroom lectures through various means such as injecting images and communications related to pornography, hate speech, and even threats of violence.
Forbes, BBC, New York Magazine, CNET, and other business, technology and news outlets across the globe are reporting the well-known privacy and data security issues with the VTC platform Zoom.
Local, state, and federal law enforcement across the United States are teaming up to warn of those dangers to Zoom users and fend off would-be hackers. Michigan and Pennsylvania are among those states that have agreed to collaborate and crack down on hacking teleconferences.
“You think Zoom bombing is funny? Let’s see how funny it is after you get arrested,” stated Matthew Schneider, United States Attorney for Eastern Michigan. “If you interfere with a teleconference or public meeting in Michigan, you could have federal, state, or local law enforcement knocking at your door.”
Andrew Birge, United States Attorney for the Western District of Michigan warns businesses and would-be hackers shared a similar opinion as his neighboring counterpart. “Whether you run a business, a law enforcement meeting, a classroom or you just want to video chat with family, you need to be aware that your video conference may not be secure and information you share may be compromised. Be careful. If you do get hacked, call us.”
Similarly, United States Attorney for the Western District of Pennsylvania, Scott W. Brady has joined forces with Pennsylvania Attorney General Josh Shapiro reports the Department of Justice.
U.S. Attorney Brady said, “Hackers are disrupting business and community meetings for sport and targeting specific groups, including addiction recovery meetings, in order to mock, harass and interfere with treatment. This is another low point in this crisis. We are better than this. DOJ will use all of our resources to find, expose and prosecute these low-lifes.”
“At a time when people need internet conferencing technology to do essential business or to connect with loved ones, it’s vital that we make these platforms safe from hackers,” stated Pennsylvania Attorney General Josh Shapiro.
The law-enforcement leaders warn that potential criminal charges related to teleconference hacks include, but are in no way limited to, disrupting a public meeting, computer intrusion, using a computer to commit a crime, hate crimes, fraud, or transmitting threatening communications. All of these charges may be punished by fines, imprisonment, or both.
Together, these joint task forces provide meaningful and almost essential best practices to avoid the risk of a teleconference hack, and ensure your privacy and data are secure:
- Keep your meeting or conference private. Do not make it public. Zoom provides its users two options to make your conference private:
- 1) requiring password, or
- 2) use the waiting room feature to control guest admissions
- Send direct links to each attendee only. Do not share a link on an unrestricted publicly available social media post. Instead, provide the link directly to specific people.
- Zoom features a screen-sharing control. Change screen sharing to “Host Only.”
- Make sure attendees are using the latest version of Zoom. Zoom recently updated their software January 2020, in which Zoom included the addition of passwords as a default requirement for meetings, as well as disabling the feature that allowed users to begin a random search of meetings to join.
- Make sure you and your fellow attendees are familiar with the features of Zoom posted on their blog. Helpful features include closing a conference call in the middle and kicking out disruptive people
- Finally, make sure your business, education or organization has a telework, security, or privacy policy that includes best practice steps for ensuring information and physical security of your data.
If you, friends, coworkers, or a family member experience anything that appears to be a teleconference hack, please visit the website of the Department of Justice, FBI, or state and local law enforcement to report the activity and obtain more information.
