The FBI in Boston is warning of video teleconference hijacking after two Massachusetts schools were reportedly "Zoom bombed" in recent weeks, according to NBC News.
"Zoom-bombing" is when someone appears on Zoom or another teleconferencing session and disrupts the application with pornographic or hate images and threatening language. More and more businesses and schools have been using Zoom and other teleconferencing technology in recent weeks due to coronavirus-related shutdowns.
The FBI said two Massachusetts schools were recently hacked in this manner, which is part of a growing national trend.
In one of the cases, a high school reported that while a teacher was conducting an online class an unidentified individual dialed in and yelled profane remarks while shouting out the teacher's home address.
In the other incident, a different Massachusetts school reported that Zoom was accessed by an unidentified individual who was seen on the video chat displaying swastika tattoos.
Another incident happened last Sunday when the First Baptist Church of Jamaica Plain was hosting a service using Zoom.
U.S. & World
"They shared some racist remarks. Some very unfortunate homophobic remarks and then also engaged in some obscene comments and gestures online," First Baptist Church Rev. Darrell Hamilton told NBC10 Boston.
Hamilton said they did their best to shut the trolls down.
"We tried to mute and remove people individually but after we realized we were sort of hit by too many people we ended up just having to end the meeting abruptly and start it up again with a password protected worship service," Hamilton said.
To prevent this from happening, the FBI suggests the following tips for schools and businesses using teleconferencing technology:
• Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private; require a meeting password or use the waiting room feature and control the admittance of guests.
• Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
• Manage screensharing options. In Zoom, change screensharing to “Host Only.”
• Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
• Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.
Anyone who experiences this type of activity is urged to contact their local FBI field office or the FBI's website for cyber-related crimes.
