FBI warns of 'Zoombombing' as more businesses, schools utilize teleconferencing

Cyber criminals could be listening in on meetings
FBI warns of 'Zoom-bombing,' where teleconferences and online classrooms are hijacked
Posted at 6:12 PM, Apr 07, 2020
and last updated 2020-04-07 20:27:13-04

CLEVELAND — Millions of Americans are now working and learning from home.

COVID-19 launched Americans into a virtual work and school world quickly.

Now, the FBI has received reports of teleconferencing hijacking or "Zoombombing" emerging across the United States.

"Zoombombing is getting the meeting ID and then joining the meeting and yelling something that is offensive or doing something like playing porn in a classroom," said Alex Hamerstone with TrustedSec.

"We're not specifying one particular platform but across the board, any platform you're using to conduct meetings, conference calls, classrooms," said Special Agent Vicki Anderson, Cleveland FBI.

It's happened in Boston and Tampa — Zoom classrooms disrupted.

"A lot of what we are seeing around Zoom is people finding out passwords or meeting IDs and just joining the meeting, " said Hamerstone. "That's different from finding flaws in the Zoom product itself," he explained.

But, it's not just the disruption, cyber criminals could be listening in on meetings without anyone ever knowing it, gaining access to "sensitive information that could be eavesdropped on — exchanging financial information — that information is now accessible by hackers," said Anderson.

There are things steps you can take to protect yourself; require a password, don't make meetings or classrooms public, use a waiting room feature, don't share the link publicly or on social media.

Zoom published information about protecting meetings and have changed settings for school accounts.

Zoom sent News 5 the following statement:

“We have been deeply upset by increasing reports of harassment on our platform and strongly condemn such behavior. We are listening to our community of users to help us evolve our approach and help our users guard against these attacks. We recently changed the default settings for education users enrolled in our K-12 program to enable virtual waiting rooms and ensure teachers are the only ones who can share content in class. Effective April 5, we are enabling passwords and virtual waiting rooms by default for our Free Basic and Single Pro users. We are also continuing to proactively educate users on how they can protect their meetings from unwanted intruders, including through our offering of trainings, tutorials, and webinars to help users understand their own account features and how to best use the platform.”