In recent months, schools, councils, businesses, and the general public have been using the videoconferencing app to communicate after social distancing and lockdown measures introduced to slow the spread of COVID-19 made face-to-face interaction difficult.
However, as the number of legitimate users has risen, so too has the number of Zoom-bombing incidents in which malicious users hack meetings to subject attendees to unwanted language and images.
While some Zoom-bombings consist of little more than a schoolboy prank, others are seriously offensive, featuring lewd imagery, expletives, and racist language. According to the FBI, a growing number of these cyber-attacks now feature material depicting the sexual abuse of minors.
“During the last few months, the FBI has received more than 195 reports of incidents throughout the United States and in other countries in which a Zoom participant was able to broadcast a video depicting child sexual abuse material (CSAM),” wrote the FBI in a statement released yesterday.
“The FBI considers this activity to be a violent crime, as every time child sexual abuse material is viewed, the depicted child is re-victimized. Furthermore, anyone who inadvertently sees child sexual abuse material depicted during a virtual event is potentially a victim as well.”
The Bureau asked any Zoom hosts or administrators who have had a meeting disrupted by the broadcast of CSAM to contact the FBI and to keep a record of what occurred.
The FBI warned Zoom users to consider the privacy of any videoconferences they schedule.
“Links to many virtual events are being shared online, resulting in a lack of vetting of approved participants,” said the FBI. “Do not make meetings or classrooms public. Do not share a link to a teleconference or classroom on an unrestricted, publicly available social media post. Provide the link directly to specific attendees.”
The Bureau advised users to make their Zoom meetings private either by requiring attendees to enter a meeting password or by using the waiting room feature to control the admittance of guests.
To limit the risk of abusive content being shown, hosts can change the screen-sharing options to “Host Only.”
Source: Infosecurity Magazine