State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

VTC Platforms, Such as Zoom, Increasingly Targeted by Threat Actors

NJCCIC Alert

Original Release Date: 4/4/2020

Summary

As more individuals transition to remote work, threat actors are targeting various popular video-teleconferencing (VTC) platforms that facilitate communications in a remote environment. Zoom, in particular, has been a target as of late, taking advantage of weaknesses in the platform’s default security and privacy settings. There have been recent incidents of VTC-hijacking, also known as Zoom-bombing, in which unauthorized persons gain access to a teleconference and display lewd, threatening, or otherwise inappropriate images and language.

To create a more secure VTC environment with Zoom, the NJCCIC recommends the following:

  • Require a password for all meetings and securely share that password only with your invited guests. Once set, guests must enter the passcode in order to enter the meeting. This will prevent unauthorized individuals from joining a meeting.
  • Use waiting rooms. This allows the meeting host to verify those attempting to gain access to the meeting.
  • Do not share your meeting IDs. These are unique to individual users and could be used to determine when a meeting is currently in progress.
  • Send links to meetings directly to individuals and do not publicly post meeting links. This could allow unauthorized individuals access to your meeting, particularly when other security settings are not in place.
  • Disable participant screen sharing or file sharing. This will prevent your meeting from being hijacked by others and allowing the sharing of inappropriate content.
  • Lock meetings once everyone has joined. This will prevent unauthorized users from gaining entry while the call is in session.
  • Avoid posting photos of your Zoom meetings. This could provide threat actors with the associated meeting ID and information on who is attending your meetings.
  • Disable the “Allow Removed Participants to Rejoin” option. If an unauthorized participant is identified and removed, this will prevent them from regaining access to the meeting using the same account.
  • Do not use your Facebook or Google account to sign into Zoom. This will help protect your privacy by limiting the amount of information Zoom, Facebook, and Google can collect about you.
  • Beware of Zoom-themed phishing emails. These may purport to be from Zoom and direct the recipient to open a malicious link or attachment in order to deliver malware or steal user credentials.
  • Keep Zoom updated. Enhanced security and privacy features may be applied. A recent update enabled meeting passwords by default, for example.

Reporting

The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form by clicking here.

Please do not hesitate to contact the NJCCIC at njccic@cyber.nj.gov with any questions. 

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.